Security News

Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks
2024-10-03 17:19

Approximately 5% of all Adobe Commerce and Magento online stores, or 4,275 in absolute numbers, have been hacked in "CosmicSting" attacks. [...]

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
2024-10-02 12:13

Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as...

Adobe fixed Acrobat bug, neglected to mention whole zero-day exploit thing
2024-09-12 18:29

SaaS seller sets severity to 'critical'. Adobe's patch for a remote code execution (RCE) bug in Acrobat this week doesn't mention that the vulnerability is considered a zero-day nor that a...

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)
2024-09-12 12:05

Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution:...

Adobe fixes Acrobat Reader zero-day with public PoC exploit
2024-09-11 17:42

A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a public in-the-wild proof-of-concept exploit. [...]

CosmicSting flaw impacts 75% of Adobe Commerce, Magento sites
2024-06-20 20:02

A vulnerability dubbed "CosmicSting" impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update was made available, leaving millions of sites open to catastrophic attacks. "CosmicSting is the worst bug to hit Magento and Adobe Commerce stores in two years," says Sansec.

FTC files complaint against Adobe for deceptive cancellation practices
2024-06-18 15:17

The Federal Trade Commission has filed a complaint in US federal court against Adobe and two executives, Maninder Sawhney and David Wadhwani, for deceptive practices related to their subscription plans. Defendants Sawhney, Senior Vice President of Digital Go To Market & Sales at Adobe, and Wadhwani, President of Digital Media Business at Adobe, are accused of knowing about these violations yet continuing the same unlawful practices.

Adobe Adds Firefly and Content Credentials to Bug Bounty Program
2024-05-01 13:00

Security researchers in Adobe's bug bounty program can now pick up rewards for finding vulnerabilities in Adobe Firefly and Content Credentials. Members of Adobe's public bug bounty program will be eligible to work with Adobe Firefly and Content Credentials in the second half of 2024, and applications for the private program are open.

From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware
2024-04-05 09:40

Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that,...

New Qbot malware variant uses fake Adobe installer popup for evasion
2024-02-15 13:27

One of the variants observed uses a fake installer for an Adobe product on Windows to trick the user into deploying the malware. Sophos' Advanced Threat Response Joint Task Force, or Sophos X-Ops for short, noticed fresh Qbot activity recently, with up to 10 new malware builds emerging since mid-December.