Third-Party Features Leave Websites More Vulnerable to Attack

I’m a s ‘guilty’ of this habit as many others. It’s worth a reality check of all the third-party includes you have in your own websites…:

[…] One of the major threats described in Tala’s “2019 State of the Web Report” is credential theft via attacks like Magecart. The report, based on surveys of American companies in the Alexa 1000 list of firms with the largest Web presences, shows that more than 60% of the websites use dynamic JavaScript loaded by static JavaScript — a significant potential attack surface. And the websites analyzed used an average of 31 third-party features, apps, or services.


Original article here