> TritonInfoSec News
Home / Mar 27, 2026 / Story
0
#9 The Hacker News general March 26, 2026 at 06:53 UTC

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

By [email protected] (The Hacker News)

AI Summary

A new payment skimmer uses WebRTC data channels to receive payloads and exfiltrate stolen payment data from e-commerce sites, bypassing traditional Content Security Policy protections. This technique represents a novel approach to evading web security controls that rely on monitoring HTTP traffic.

Read full article → https://thehackernews.com/2026/03/webrtc-skimmer-b…

Relevance score: 75.0/100

# More from March 27

  1. 1
    CISA: New Langflow flaw actively exploited to hijack AI workflows BleepingComputer
  2. 2
    China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks The Hacker News
  3. 3
    Coruna iOS exploit framework linked to Triangulation attacks BleepingComputer
  4. 4
    Alleged RedLine malware developer extradited to US, faces up to 30 years The Record
  5. 5
    Russia arrests suspected owner of LeakBase cybercrime forum BleepingComputer
  6. 6
    Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website The Hacker News
  7. 7
    UK sanctions Xinbi marketplace linked to Asian scam centers BleepingComputer
  8. 8
    Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware The Record
  9. 10
    Google moves post-quantum encryption timeline up to 2029 CyberScoop