A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.
Some shop owners leave their shops unattended, be it due to bad configuration or missing updates. It’s the “Key in the ignition – engine running” scenario. The problem: those oversights are easy to spot and hack, all one needs to do is write a script.
Researchers estimate thousands of ecommerce sites are under attack by a single threat actor that has infected servers with a web-based keylogger.
Ransomware dubbed KimcilWare is targeting websites running the e-commerce platform Magento and encrypting website files.
Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.
A trio of vulnerabilities were recently patched in eBay’s Magento e-commerce web application that could have let attackers carry out a handful of exploits.
A nasty remote code execution vulnerability was recently patched in Magento, eBay’s eCommerce platform