ctipilot.ch

Sansec

sansec-research · HIGH · active

https://sansec.io/research

researchvulnslang: enfailures: 0last fetch: 2026-06-22

Primary research firm for Magecart and e-commerce skimming campaigns (added 2026-05-17). Surfaced by S3 sub-agent during FunnelKit/WooCommerce active-exploitation pivot; Sansec confirmed the unauthenticated checkout-endpoint injection on FunnelKit Funnel Builder (cited in 2026-05-17 brief § 1). Industry standard for WordPress/Magento/PrestaShop skimmer disclosures. Candidate — promote to active after 3 runs with content contribution. | 2026-06-20 full audit (v2.62): live, drill=Y. CANONICAL Sansec entry (duplicate id `sansec` consolidated here). FETCH → webfetch https://sansec.io/research then drill per-article; Magecart / JS-supply-chain forensics, frequently first on CDN-compromise campaigns. Promoted candidate→active; +vulns; MEDIUM→HIGH.

Cited in 7 briefs

Citation cadence

Brief appearances per ISO week (6 weeks of coverage span, total 4).