Shadow code third-party scripts and libraries often added to web applications without security validation pose risks to websites and jeopardize compliance with privacy regulations, according to new research conducted by Osterman Research for PerimeterX. Third-party code leaves organizations vulnerable to digital skimming and Magecart attacks, the researchers also noted.