Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS
Puja Srivastava We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a…
Browsing Category
Ecommerce Security
151 posts
MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer
Ben Martin One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus…
40 New Domains of Magecart Veteran ATMZOW Found in Google Tag Manager
Denis Sinegubko Hackers like Google Tag Manager: millions of sites use it, and they can inject custom scripts and HTML code via a script from the highly…
Skimming Credit Cards with WebSockets
If you were to believe shopping mall merchants, you’d think the holiday season starts immediately after Halloween. Christmas trees and candy canes abound, along with…
Black Friday & Cyber Monday Ecommerce Security Threats
Rianna MacLeod Consumers spent a whopping $35.3 billion during last year’s cyber week shopping season. With Cyber Monday accounting for $11.3 billion in revenue alone, this period remains…
Tampered OpenCart Authentication Aids Credit Card Skimming Attack
Using out of date software is the leading cause of website compromise, so keeping your environment patched and up to date is one of the…
Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images
MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or…
Compromised OpenCart Payment Module Steals Credit Card Information
Today’s story starts much the same as many others on this blog: A new client came to us reporting that credit card details were being…
Critical Security Update for Magento Open Source & Adobe Commerce
Last week on August 8th, 2023, Adobe released a critical security patch for Adobe Commerce and the Magento Open Source CMS. The patch provides fixes…
SiteCheck Remote Website Scanner — Mid-Year 2023 Report
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide…
New WooCommerce Security Best Practices Guide
WooCommerce is a widely used e-commerce platform, powering nearly 6 million online stores worldwide. Its popularity makes it a prime target for cybercriminals looking to…