Cybercriminals Using Trusted Google Domains to Spread Malicious Code

A new malvertising campaign is leveraging trusted Google domains and outdated JSONP API calls to inject malicious scripts into legitimate e-commerce websites. These scripts redirect users to phishing pages that mimic payment portals.