Magecart Attack Convincingly Hijacks PayPal Transactions at Checkout

New credit-card skimmer uses postMessage to make malicious process look authentic to victims to steal payment data.
Source: Threadpost