Bleeping Computer

Magento adds 2FA to protect against card skimming attacks

Adobe has added two-factor authentication (2FA) throughout the Magento platform in response to the widespread number of attacks where skimmer scripts are deployed on hacked e-commerce sites to steal ...
Bleeping Computer

Magento plugin Magmi vulnerable to hijacking admin sessions

A cross-site request forgery (CSRF) vulnerability continues to be present in the Magmi plugin for Magento online stores, despite developers receiving a report from researchers that discovered it.
Threat Post

Magecart Attack Impacts More Than 10K Online Shoppers

Close to 2,000 e-commerce sites were infected over the weekend with a payment-card skimmer, maybe the result of a zero-day exploit. One of the largest known Magecart campaigns to date took place over ...
Threat Post

Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws

Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites. Researchers have disclosed two flaws that could enable remote code execution attacks ...
ZDNet

Adobe urges customers to upgrade after 500 stores breached through Magento platform

Adobe urged customers using the Magento 1 e-commerce platform to upgrade to the latest version of Adobe Commerce after security company Sansec detected a mass breach of over 500 stores running the ...
Searchenginejournal.com

Magento Critical Vulnerabilities Announced by Adobe

Adobe announced it has released a patch for Magento 2 in order to fix multiple critical vulnerabilities. Some of the vulnerabilities could allow attackers to take over administrator sessions as well ...