One of the largest known Magecart campaigns to date took place over the weekend, with nearly 2,000 e-commerce sites hacked in an automated campaign that may be linked to a zero-day exploit. The attacks have impacted tens of thousands of customers, who had their credit-card and other information stolen, researchers said. Many victimized stores had no prior history of security incidents; and, they speculated that the attacks may be tied to a $5,000 Magento exploit that went up for sale in August in underground forums.
Source: https://threatpost.com/magecart-campaign-10k-online-shoppers/159216/