Sansec
sansec-research · HIGH · active
Primary research firm for Magecart and e-commerce skimming campaigns (added 2026-05-17). Surfaced by S3 sub-agent during FunnelKit/WooCommerce active-exploitation pivot; Sansec confirmed the unauthenticated checkout-endpoint injection on FunnelKit Funnel Builder (cited in 2026-05-17 brief § 1). Industry standard for WordPress/Magento/PrestaShop skimmer disclosures. Candidate — promote to active after 3 runs with content contribution. | 2026-06-20 full audit (v2.62): live, drill=Y. CANONICAL Sansec entry (duplicate id `sansec` consolidated here). FETCH → webfetch https://sansec.io/research then drill per-article; Magecart / JS-supply-chain forensics, frequently first on CDN-compromise campaigns. Promoted candidate→active; +vulns; MEDIUM→HIGH.
Cited in 7 briefs
Citation cadence
Brief appearances per ISO week (6 weeks of coverage span, total 4).
- CTI Weekly Summary — 2026-W25 (Jun 15 – Jun 21, 2026)2026-W25
- CTI Weekly Summary — 2026-W23 (1–7 June 2026)2026-W23
- CTI Weekly Summary — 2026-W20 (May 11 – May 17, 2026)2026-W20
- CTI Daily Brief — 2026-06-162026-06-16
- CTI Daily Brief — 2026-06-072026-06-07
- CTI Daily Brief — 2026-06-042026-06-04
- CTI Daily Brief — 2026-05-172026-05-17