Attackers are abusing Google Apps Script business application development platform to steal credit card info submitted by customers of e-commerce websites while shopping online. They are using the script.google.com domain to successfully hide their malicious activity from malware scan engines and bypass Content Security Policy (CSP) controls. Magecart groups inject into hacked online stores as part of web skimming (also known as e-skimming) attacks. Other Google services were also abused in Magecart attacks, with the Google Analytics platform being used by attackers to steal payment info.
Source: https://www.bleepingcomputer.com/news/security/hackers-abuse-google-apps-script-to-steal-credit-cards-bypass-csp/