New research shows how one MageCart criminal group recently compromised an advertising script to inject MageCart into hundreds of sites at the same time. MageCart infections are when attackers compromise an ecommerce site to inject JavaScript into checkout or cart pages. This script then steals credit card and address information entered into these pages and then sends it off to a remote server for the attackers to collect. This type of attack has been very active this past year, with large sites such as British Airways, TicketMaster, OXO, and Newegg being affected by these malicious scripts.
Source: https://www.bleepingcomputer.com/news/security/magecart-skimmer-hits-hundreds-of-sites-in-ad-supply-chain-attack/