Security News

Cybercriminals are targeting websites running the Magento platform to inject them with code that can steal credit card data and infect visitors with malware, Flashpoint reports. The open-source...

Change your passw... ugh, what's the point? Hackers have compromised hundreds of e-commerce sites running the popular open-source Magento platform to scrape credit card numbers and install...

DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento is an open source...

Magento this week released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 to address numerous vulnerabilities, including a remote code execution bug rated Critical severity. read more

DefenseCode recently discovered and reported multiple stored cross-site scripting and cross-site request forgery vulnerabilities in Magento 1 and 2 which will be addressed in one of the future...

A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.

Researchers said last week they came across a malicious function that was snuck into a module in Magento in order to steal credit card information.

Administrators of e-commerce sites running on the open source platform Magento would do well to check their database for triggers with suspicious SQL code, warns Willem de Groot. De Groot is the...