Security News

Critical vulnerabilities in Adobe's Magento e-commerce platform - a favorite target of the Magecart cybergang - could lead to arbitrary code execution. Out of the flaws, Adobe has fixed three that it rates as critical in severity, meaning that successful exploits could "Allow malicious native code to execute, potentially without a user being aware."

Adobe’s Magento Marketplace has suffered a data breach, the company has said in an email sent to customers.

E-Commerce Platform User Data Exposed Exploited; Vulnerability Now FixedAdobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software...

Adobe-owned e-commerce platform Magento recently informed some Magento Marketplace users that an unauthorized third-party had gained access to their account information. read more

If you have ever registered an account with the official Magento marketplace to bought or sold any extension, plugin, or e-commerce website theme, you must change your password immediately....

The platform is a favorite target for the Magecart collective of card-skimming threat groups.

Popular ecommerce platform Magento is advising users to apply patches for a remote code execution flaw that could allow unauthenticated attackers to deliver malicious payloads. read more

Magento recently addressed vulnerabilities that could be exploited by unauthenticated attackers to hijack administrative sessions and then completely take over vulnerable web stores. read more

New research has found 87% of SME websites using the Magento platform are currently at high risk from cyber attacks. By contrast, under 10% of websites using other major e-commerce platforms...

A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t implemented the provided security...