Unpatched SQLi vulnerability in SmartVista e-commerce suite

Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, are urged to limit access to its …

PoC for several Magento vulnerabilities released, update now!

DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento …

The untapped potential of machine learning for detecting fraud

E-commerce fraud protection company Signifyd has recently signed up behavioral analytics expert Long-Ji Lin to fill the position of Chief Scientist. “For advertisers, …

Connected devices and the future of payments

More than 80 percent of Americans have a strong interest in using connected devices to make purchases, with a keen eye toward security and data concerns, according to Visa and …

PCI SSC publishes best practices for securing e-commerce

Exponential online sales growth paired with the EMV chip migration in the US makes e-commerce payment security for merchants more important than ever before. As EMV chip …

6000+ compromised online shops – and counting

A week ago, RiskIQ researchers revealed that over 100 online shops have, at one point in the last six months, been injected with malicious JavaScript code that exfiltrates …

100+ online shops compromised with payment data-stealing code

Since March 2016 (and possibly even earlier), someone has been compromising a variety of online shops and injecting them with malicious JavaScript code that exfiltrates …

Shopware update fixes RCE bug that affects both shop and target system

Shopware, an open-source e-commerce software chosen by a number of big European companies to power their online shops, has recently pushed out a critical security update. The …

E-commerce web apps vulnerable to hijacking, database compromise

High-Tech Bridge researchers have published details and PoC exploit code for several serious vulnerabilities in Osclass, osCmax, and osCommerce, three popular open source …

Fake “account verification” email targeting Alibaba.com users

Businesses who use Alibaba.com to connect with Chinese manufacturers are being targeted in a recently discovered phishing campaign, Comodo warns. It takes the form of phishing …

100,000 web shops open to compromise as attackers exploit Magento bug

A critical vulnerability found in Magento, the most popular content management system for e-commerce sites, is being exploited by hackers to get their hands on users’ …

Reactions to the eBay breach

A database containing eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth was compromised. Here are some of the …
