We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a…
Magento store owners using the popular FishPig extensions should be wary of a recent supply chain attack which compromised their software repository. FishPig released a…
As more businesses switch to online options Magento is a popular Content Management System (CMS) of choice for eCommerce websites. That being said, with the…
On Sunday, February 13th, Adobe pushed an emergency update to their Magento2 ecommerce software patching a critical unauthenticated remote code execution vulnerability. It is marked…
While unpatched installations of Magento 2 contain many vulnerabilities, I’m going to focus my attention on Magento 1 for this article. This is because Magento…
Adobe has recently released several critical security patches for both their open source and commercial versions of their ecommerce platform. There are a total of…
During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution…
Recently one of our analysts, Weston H., found a very interesting credit card stealer in a Magento environment which loads a malicious JavaScript without using…
Bad actors often leverage creative techniques to conceal malicious behaviour and harvest sensitive information from ecommerce websites. A recent investigation for a compromised Magento 2…