Eight cities in the U.S. have been compromised to host Magecart-style credit card skimming attacks. The attacks started in April, when malicious Javascript code was planted on the websites, silently harvesting credit card details and residents personal information as they entered it into online payment forms. These sites all appear to have been built using Click2Gov, a web-based platform meant for use by local governments. It is used to provide services such as community engagement, issues reporting, and online payment for local goverments.”]
Source: https://grahamcluley.com/websites-usa-cities-card-skimming/

