Security News > 2016 > February > Year-old critical Magento flaw still exploited, payment info stolen (Help Net Security)
2016-02-16 17:57
A whole year has passed since a critical e-shop hijacking flaw in the Magento CMS has been patched, but the vulnerability is still being exploited in attacks in the wild, warns Sucuri researcher Denis Sinegubko. At the time, the Magento development team pushed out a patch (SUPEE-5344) but after two whole months, 98,000 online merchants still didn’t implement it. This forced the team to send out email alerts directly to the users, urging them to … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/M3NhtdADhP8/
Related news
- Federal judge tightens DOGE leash over critical Treasury payment system access (source)
- Don't Overlook These 6 Critical Okta Security Configurations (source)
- 89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)