Sansec found a Magecart family that runs its skimmer straight out of Stripe. The attacker stores the card stealer in a Stripe customer's metadata and runs it...
this is a shop owner account security problem. if someone can place the required malicious google tag on your site, they could also do whatever else they wanted. they could put any custom JS, for example. this stealer is just one of many payloads.
this is a shop owner account security problem. if someone can place the required malicious google tag on your site, they could also do whatever else they wanted. they could put any custom JS, for example. this stealer is just one of many payloads.