Hundreds of eCommerce sites, at least one of them owned by a $40 billion multinational company, were impacted by a supply chain attack, Sansec reported. Cybersecurity observers believe the next major wave of enterprise breaches may come not from direct attacks but through trusted dependencies and third parties.

The attack relied on a sophisticated backdoor embedded in 21 Magento extensions, concealed within their license verification files. The attackers left the code dormant for six years and activated it only in April, ultimately compromising between 500 and 1,000 eCommerce websites with malicious code capable of stealing payment card information and other sensitive data.

The Magento incident is a sign of a broader evolution in cyberattacks, from quick heists to long cons. This is espionage at the code level, and the prolonged, covert infiltration of eCommerce providers is a reminder of the evolving tactics employed by cybercriminals and of the critical importance of proactive cybersecurity measures. A breach in an eCommerce plugin can cascade into enterprise resource planning (ERP) systems, customer relationship management (CRM) platforms and payroll software. A single compromised dependency can compromise thousands of downstream systems.

The problem can be exacerbated by visibility gaps. Many enterprises struggle to maintain accurate inventories of their software components. Without knowing what's under the hood, it is nearly impossible to detect tampering, let alone respond swiftly when a vulnerability is disclosed.

This new landscape may demand a shift in mindset. Trust-based assumptions, once the norm in IT supply relationships, are increasingly being replaced with "zero trust" frameworks that continuously verify and monitor every component and user. Software bills of materials (SBOMs), automated code integrity checks and secure-by-design principles are no longer optional; they are becoming operational necessities.
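As an added illustration of the "inventory plus automated integrity check" the article calls for (example code written for this page, not from Sansec or from any Magento project), the script below records a SHA-256 manifest of every file in a third-party extension and later reports which files were modified, added or removed. The directory layout, the vendor and extension names and the file contents are constructed placeholders; a real deployment would point it at the store's vendor tree and keep the manifest out of band.

```python
"""
Added example: a minimal file-level integrity manifest for third-party
extensions (constructed scenario, not tied to any real extension).
"""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large assets do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Record every regular file under root as relative path -> sha256."""
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            manifest[p.relative_to(root).as_posix()] = sha256_file(p)
    return manifest


def verify_manifest(root: Path, manifest: dict) -> dict:
    """Compare the tree on disk against a previously recorded manifest."""
    current = build_manifest(root)
    return {
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "added": sorted(k for k in current if k not in manifest),
        "removed": sorted(k for k in manifest if k not in current),
    }


def is_clean(report: dict) -> bool:
    """True only when nothing changed relative to the manifest."""
    return not any(report.values())


def demo() -> dict:
    """Constructed scenario: snapshot an extension, then alter its license file."""
    with tempfile.TemporaryDirectory() as tmp:
        # Hypothetical extension directory; names are placeholders.
        root = Path(tmp) / "vendor" / "example-vendor" / "example-extension"
        (root / "etc").mkdir(parents=True)
        (root / "etc" / "module.xml").write_text("<config/>\n")
        (root / "License.php").write_text(
            "<?php\n// constructed placeholder license check\nreturn true;\n"
        )

        manifest = build_manifest(root)
        assert is_clean(verify_manifest(root, manifest))  # fresh snapshot matches

        # Simulate a post-install change to the license verification file
        # and an unexpected new file appearing in the extension.
        (root / "License.php").write_text(
            "<?php\n// constructed: content changed after the snapshot\nreturn true;\n"
        )
        (root / "extra.php").write_text("<?php\n")

        return verify_manifest(root, manifest)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two caveats follow directly from the incident the article describes. First, a baseline taken after installation captures whatever the extension already contained, so a backdoor that shipped dormant inside the package is invisible to a self-generated manifest; the manifest should be compared against hashes published or reviewed independently of the installed copy. Second, the manifest itself must live outside the web root and be integrity-protected (for example, signed), or an attacker who can alter extension files can alter the manifest too.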