ctipilot.ch


WordPress retail / e-commerce

notable synthesis discovered 2026-05-11 05:00 UTC

Part of run 2026-W20-71c96b25 (weekly · Claude Opus 4.7)

FunnelKit's "Funnel Builder for WooCommerce" plugin is being actively exploited as a Magecart skimmer on 40,000+ WordPress stores (daily 2026-05-17); no CVE has been assigned. The operational pattern (Magecart abuse of a popular WooCommerce plugin) is portable across the WordPress + WooCommerce e-commerce ecosystem used by Swiss / EU SMB retailers. SOC managers serving SMB or municipal e-commerce estates should sweep deployed WooCommerce plugin inventories for the affected FunnelKit version and audit the checkout-page DOM for injected payment-form-skimming scripts.
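One way to run the checkout-page audit recommended above, as an added example that is not part of the original brief: it parses a saved copy of the checkout HTML and reports external script hosts and inline scripts that are missing from a reviewed baseline. The host names, allowlist, inline baseline and sample HTML are constructed assumptions, not indicators from the campaign.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

class ScriptCollector(HTMLParser):  # collects (src, inline_body) per <script>, in order
    def __init__(self):
        super().__init__()
        self.scripts, self._src, self._buf = [], None, None
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._src, self._buf = dict(attrs).get("src"), []
    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            self.scripts.append((self._src, "".join(self._buf)))
            self._buf = None

def sha256_hex(text):
    return hashlib.sha256(text.strip().encode()).hexdigest()

def audit_checkout(html, page_url, allowed_hosts, baseline_inline):
    """Return (reason, detail) findings for scripts outside the reviewed baseline."""
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    findings = []
    for src, body in parser.scripts:
        if src:  # external: resolve relative and // URLs, then exact-match the host
            host = urlparse(urljoin(page_url, src)).hostname
            if host not in allowed_hosts:
                findings.append(("external-host-not-allowlisted", src))
        elif sha256_hex(body) not in baseline_inline:
            findings.append(("inline-script-not-in-baseline", sha256_hex(body)))
    return findings

# Constructed sample: hosts, script bodies and allowlist are illustrative, not IoCs.
KNOWN_INLINE = "var checkoutConfig = {currency: 'CHF'};"
SAMPLE_HTML = f"""<form id="checkout">
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script src="https://js.payments.example.test/v3/"></script>
<script>{KNOWN_INLINE}</script>
<script src="//static.unreviewed.example.test/c.js"></script>
<script>/* stand-in for an unreviewed inline script */</script></form>"""
PAGE = "https://shop.example.test/checkout/"
ALLOWED = {"shop.example.test", "js.payments.example.test"}
BASELINE = {sha256_hex(KNOWN_INLINE)}
print(audit_checkout(SAMPLE_HTML, PAGE, ALLOWED, BASELINE))
```

A static pass like this only sees scripts present in the served HTML; scripts added at runtime by other scripts need a rendered-DOM capture from a headless browser fed through the same comparison.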

vulnerabilities actively-exploited data-breach supply-chain global