https://www.theregister.co.uk/2018/09/12/feedify_magecart_javascript_library_hacked/

A Javascript library hosted by Feedify and used by e-commerce websites globally has been repeatedly infected this week to potentially siphon off countless victims' bank card details to crooks.

The library code is typically embedded into retail webpages by site administrators and developers to add a means for shoppers to leave customer feedback. That code – feedbackembad-min-1.0.js – is served from Feedify's web servers, and has been repeatedly tampered with by hackers to include the MageCart malware. This malicious software seeks out credit card details entered on the compromised webpages, and phones them home to an outside server controlled by fraudsters.