Hackers have compromised the website of the world-famous Tupperware brand and are stealing customers’ payment card details at checkout. The hackers integrated a malicious iframe that displays a fake payment form fields to shoppers. The attack was carefully orchestrated to keep the skimmer active for as long as possible – a clear indication that this is not the work of run-of-the-mill MageCart attackers. The payment form is currently loading from the legitimate domain cybersource.com, owned by Visa.com.
Source: https://www.bleepingcomputer.com/news/security/tupperware-site-hacked-with-fake-form-to-steal-credit-cards/