A new Magecart threat actor is stealing people’s payment card info from their browsers using a digital skimmer that uses a unique form of evasion to bypass virtual machines (VM) so it targets only actual victims and not security researchers.