MUST READ

Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät

 | 

Critical ASP.NET flaw hits QNAP NetBak PC Agent

 | 

Ransomware payments hit record low: only 23% Pay in Q3 2025

 | 

X warns users to re-enroll passkeys and YubiKeys for 2FA by Nov 10

 | 

Memento Labs, the ghost of Hacking Team, has returned — or maybe it was never gone at all.

 | 

Crafted URLs can trick OpenAI Atlas into running dangerous commands

 | 

Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD

 | 

Wordfence blocks 8.7M attacks exploiting old GutenKit and Hunk Companion flaws

 | 

Safepay ransomware group claims the hack of professional video surveillance provider Xortec

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 68

 | 

Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed

 | 

CVE-2025-59287: Microsoft fixes critical WSUS flaw under active attack

 | 

U.S. CISA adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog

 | 

Summoning Team won Master of Pwn as Pwn2Own Ireland Rewards $1,024,750

 | 

China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom

 | 

Pwn2Own Day 2: Organizers paid $792K for 56 0-days

 | 

Lazarus targets European defense firms in UAV-themed Operation DreamJob

 | 

U.S. CISA adds Motex LANSCOPE flaw to its Known Exploited Vulnerabilities catalog

 | 

Over 250 attacks hit Adobe Commerce and Magento via critical CVE-2025-54236 flaw

 | 

Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy

 | 

Magento

Pierluigi Paganini October 24, 2025
U.S. CISA adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below the list of flaws added to the […]

Pierluigi Paganini September 10, 2025
Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts. Adobe addressed a critical vulnerability, tracked as CVE-2025-54236 (aka SessionReaper, CVSS score of 9.1) in its Commerce and Magento Open Source platforms. The vulnerability is an improper input validation flaw. “The bug, dubbed […]

Pierluigi Paganini May 05, 2025
Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Supply chain attack via 21 backdoored Magento extensions hit 500–1,000 e-stores, including a $40B multinational. Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. Curiously, the malicious code was injected 6 years ago, but the supply chain attack was […]

Pierluigi Paganini February 11, 2025
Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

Sucuri researchers observed threat actors leveraging Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores. Sucuri researchers found threat actors using Google Tag Manager (GTM) to deploy e-skimmer malware on a Magento eCommerce site. Google Tag Manager (GTM) is a free tool that lets website owners manage marketing tags without modifying site code, […]

Pierluigi Paganini October 03, 2024
Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have exploited a critical Adobe Commerce vulnerability, tracked as CVE-2024-34102 (aka CosmicSting, CVSS score of 9.8), to compromise more than 4,000 e-stores over the past three months. The flaw is an Improper Restriction […]

Pierluigi Paganini July 23, 2024
Hackers abused swap files in e-skimming attacks on Magento sites

Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap files in compromised Magento websites to conceal a persistent software skimmer and harvest payment information. The attackers used this tactic to maintain persistence and allowing the malware to […]

Pierluigi Paganini April 05, 2024
Magento flaw exploited to deploy persistent backdoor hidden in XML

Threat actors are exploiting critical Magento vulnerability CVE-2024-20720 to install a persistent backdoor on e-stores. Sansec researchers observed threat actors are exploiting the recently disclosed Magento vulnerability CVE-2024-20720 to deploy a persistent backdoor on e-stores. The vulnerability CVE-2024-20720 (CVSS score of 9.1) is an OS Command (‘OS Command Injection’) vulnerability that could lead to arbitrary code […]

Pierluigi Paganini August 14, 2023
Ongoing Xurum attacks target Magento 2 e-stores

Experts warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites using Adobe’s Magento 2 CMS. Akamai researchers warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites running the Magento 2 CMS. The attackers are actively exploiting a server-side template injection issue, tracked as CVE-2022-24086, (CVSS score: 9.8), in Adobe Commerce and Magento Open Source. The […]

Pierluigi Paganini November 17, 2022
Magento and Adobe Commerce websites under attack

Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022, Sansec researchers warned of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands […]

Pierluigi Paganini September 23, 2022
Surge in Magento 2 template attacks exploiting the CVE-2022-24086 flaw

Sansec researchers warn of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Sansec researchers are warning of a hacking campaign targeting the CVE-2022-24086 Magento 2 vulnerability. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands of e-stores worldwide. In February, Adobe […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät

Cyber Crime / October 28, 2025

Critical ASP.NET flaw hits QNAP NetBak PC Agent

Security / October 28, 2025

Ransomware payments hit record low: only 23% Pay in Q3 2025

Cyber Crime / October 28, 2025

X warns users to re-enroll passkeys and YubiKeys for 2FA by Nov 10

Security / October 28, 2025

Memento Labs, the ghost of Hacking Team, has returned — or maybe it was never gone at all.

APT / October 27, 2025