They take a cut for every undisclosed vendor they load.
Loading additional code from external sources, creating Nth-party risk. The gun loads more guns. A single vendor script dynamically loads additional third-party scripts that were never disclosed, agreed to, or audited. Each layer multiplies the attack surface.
What It Costs You
GTM Attack Surface
Third-party scripts execute with full privileges on every page load. Dangerous code patterns, external dependencies, and data interception turn marketing infrastructure into attack vectors. One compromised dependency compromises the entire site.
Legal Tail Risk
Pre-consent data collection, undisclosed data sharing, and consent signal violations create regulatory exposure. Class actions and regulatory fines can exceed entire annual marketing budgets. Liability sits with the site owner, not the vendor.
Related Advisories
No published advisories reference this code yet.
Investigations are ongoing.
Blackout uses security frameworks to protect AGAINST vendors, not FOR them. We do not notify vendors. We do not provide remediation windows. If you're using a vendor flagged by this code, the advisory is your evidence.