Security News

A card skimming operation has compromised 7339 Magento-based online stores, allowing the attackers to quietly slurp payment card info as it’s being entered by customers. Flagged in early August by...

Security researchers have been warning of a new trick that cybercriminals are leveraging to hide their malicious code designed to re-introduce the infection to steal confidential information from...

Cybercriminals are targeting websites running the Magento platform to inject them with code that can steal credit card data and infect visitors with malware, Flashpoint reports. The open-source...

Change your passw... ugh, what's the point? Hackers have compromised hundreds of e-commerce sites running the popular open-source Magento platform to scrape credit card numbers and install...

DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento is an open source...

Magento this week released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 to address numerous vulnerabilities, including a remote code execution bug rated Critical severity. read more

DefenseCode recently discovered and reported multiple stored cross-site scripting and cross-site request forgery vulnerabilities in Magento 1 and 2 which will be addressed in one of the future...

A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.

Researchers said last week they came across a malicious function that was snuck into a module in Magento in order to steal credit card information.