Web based keylogger

Here's a new one, but not really surprising, a web based keylogger. Web based keylogger attacks have been around for awhile apparently, I didn't know that. There has been an ongoing campaign occurring since May of this year called Magecart.  Essentially the attackers inject the keylogger code directly into the website, which steals credit card and other information at checkout  on e-commerce websites. The attackers targeted several e-commerce platforms including Magento, Powerfront CMS and OpenCart and attacks against several payment processing services, such as Braintree and VeriSign. Practicing safe e-commerce has just got tougher.