Nearly 40 shopping websites infected by MageCart Group 12 with JavaScript that steals payment card info is seeing a sharp increase. Some of them were compromised as early as September 30, 2019, allowing attackers to collect payment card data for more than four months. The skimmer is now hosted at jquerycdn[.]su, and suffered multiple modifications in the time interval tracked by researchers. Users that shopped there in the provided timeframe and used the online payment form are advised to request a new credit/debit card from the issuing bank.
Source: https://www.bleepingcomputer.com/news/security/credit-card-skimmer-running-on-13-sites-despite-notification/