Magento Archives - Help Net Security

Magento

Attackers mount Magento supply chain attack by compromising FishPig extensions

September 14, 2022

FishPig, a UK-based company developing extensions for the popular Magento open-source e-commerce platform, has announced that its paid software offerings have been injected …

CMS-based sites under attack: The latest threats and trends

May 3, 2022

Payment card skimmers are becoming more common in exploit kits affecting WordPress websites and attackers are spending more time customizing them to avoid detection, …

Small businesses urged to protect their customers from card skimming

November 23, 2021

With Black Friday and Cyber Monday quickly approaching, the UK National Cyber Security Centre (NCSC) is urging small online shops to protect their customers from card skimming …

Adobe fixes security holes in Magento, most of which are critical

August 10, 2021

Adobe has released security updates to address vulnerabilities in Magento and Adobe Connect. Magento August 2021 security updates Magento is a popular open-source e-commerce …

Aparna Bawa joins Palo Alto Networks board of directors

May 18, 2021

Palo Alto Networks announced the appointment of Aparna Bawa to the company’s board of directors. “Aparna is a proven leader who has helped technology companies …

Magento, Visual Studio Code users: You need to patch!

October 19, 2020

Microsoft and Adobe released out-of-band security updates for Visual Studio Code, the Windows Codecs Library, and Magento. All the updates fix vulnerabilities that could be …

Magecart Group 8 skimmed card info from 570+ online shops

July 8, 2020

Your payment card information got stolen but you don’t know how, when and where? Maybe you shopped on one of the 570 webshops compromised by the Keeper Magecart group …

Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance

June 29, 2020

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life (EOL) and support (EOS) on June 30, 2020, and that …

How a favicon delivered a web credit card skimmer to victims

May 7, 2020

Cyber crooks deploying web credit card skimmers on compromised Magento websites have a new trick up their sleeve: favicons that “turn” malicious when victims visit …

Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge

April 29, 2020

Adobe has pushed out security updates fixing critical flaws in Magento Commerce, Open Source Enterprise and Community editions, Adobe Illustrator 2020 for Windows, and Adobe …

Magento patches critical code execution vulnerabilities, upgrade ASAP!

January 30, 2020

Adobe-owned Magento has plugged multiple critical vulnerabilities in its eponymous content management system, the most severe of which could be exploited by attackers to …

Most e-commerce websites running Magento at high risk of cybercrime

June 10, 2019

New research has found 87% of SME websites using the Magento platform are currently at high risk from cyber attacks. By contrast, under 10% of websites using other major …

Magento

Attackers mount Magento supply chain attack by compromising FishPig extensions

CMS-based sites under attack: The latest threats and trends

Small businesses urged to protect their customers from card skimming

Adobe fixes security holes in Magento, most of which are critical

Aparna Bawa joins Palo Alto Networks board of directors

Magento, Visual Studio Code users: You need to patch!

Magecart Group 8 skimmed card info from 570+ online shops

Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance

How a favicon delivered a web credit card skimmer to victims

Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge

Magento patches critical code execution vulnerabilities, upgrade ASAP!

Most e-commerce websites running Magento at high risk of cybercrime

Don't miss

LastPass, GoTo announce security incident

A year later, Log4Shell still lingers

Cybersecurity engineering under the Federal Trade Commission

Predatory loan mobile apps grab data, harass users and their contacts

Why are K-12 educational institutions reluctant to report cyber incidents?