Magento Archives - Security Affairs

Pierluigi Paganini September 10, 2025

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts. Adobe addressed a critical vulnerability, tracked as CVE-2025-54236 (aka SessionReaper, CVSS score of 9.1) in its Commerce and Magento Open Source platforms. The vulnerability is an improper input validation flaw. “The bug, dubbed […]

Pierluigi Paganini May 05, 2025

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Supply chain attack via 21 backdoored Magento extensions hit 500–1,000 e-stores, including a $40B multinational. Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. Curiously, the malicious code was injected 6 years ago, but the supply chain attack was […]

Pierluigi Paganini February 11, 2025

Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

Sucuri researchers observed threat actors leveraging Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores. Sucuri researchers found threat actors using Google Tag Manager (GTM) to deploy e-skimmer malware on a Magento eCommerce site. Google Tag Manager (GTM) is a free tool that lets website owners manage marketing tags without modifying site code, […]

Pierluigi Paganini October 03, 2024

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have exploited a critical Adobe Commerce vulnerability, tracked as CVE-2024-34102 (aka CosmicSting, CVSS score of 9.8), to compromise more than 4,000 e-stores over the past three months. The flaw is an Improper Restriction […]

Pierluigi Paganini July 23, 2024

Hackers abused swap files in e-skimming attacks on Magento sites

Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap files in compromised Magento websites to conceal a persistent software skimmer and harvest payment information. The attackers used this tactic to maintain persistence and allowing the malware to […]

Pierluigi Paganini April 05, 2024

Magento flaw exploited to deploy persistent backdoor hidden in XML

Threat actors are exploiting critical Magento vulnerability CVE-2024-20720 to install a persistent backdoor on e-stores. Sansec researchers observed threat actors are exploiting the recently disclosed Magento vulnerability CVE-2024-20720 to deploy a persistent backdoor on e-stores. The vulnerability CVE-2024-20720 (CVSS score of 9.1) is an OS Command (‘OS Command Injection’) vulnerability that could lead to arbitrary code […]

Pierluigi Paganini August 14, 2023

Ongoing Xurum attacks target Magento 2 e-stores

Experts warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites using Adobe’s Magento 2 CMS. Akamai researchers warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites running the Magento 2 CMS. The attackers are actively exploiting a server-side template injection issue, tracked as CVE-2022-24086, (CVSS score: 9.8), in Adobe Commerce and Magento Open Source. The […]

Pierluigi Paganini November 17, 2022

Magento and Adobe Commerce websites under attack

Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022, Sansec researchers warned of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands […]

Pierluigi Paganini September 23, 2022

Surge in Magento 2 template attacks exploiting the CVE-2022-24086 flaw

Sansec researchers warn of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Sansec researchers are warning of a hacking campaign targeting the CVE-2022-24086 Magento 2 vulnerability. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands of e-stores worldwide. In February, Adobe […]

Pierluigi Paganini September 01, 2022

Researchers analyzed a new JavaScript skimmer used by Magecart threat actors

Researchers from Cyble analyzed a new, highly evasive JavaScript skimmer used by Magecart threat actors. Cyble Research & Intelligence Labs started its investigation after seeing a post on Twitter a new JavaScript skimmer developed by the Magecart threat group used to target Magento e-commerce websites. In Magecart attacks against Magento e-stores, attackers attempt to exploit vulnerabilities […]

Magento

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Hackers abused swap files in e-skimming attacks on Magento sites

Magento flaw exploited to deploy persistent backdoor hidden in XML

Ongoing Xurum attacks target Magento 2 e-stores

Magento and Adobe Commerce websites under attack

Surge in Magento 2 template attacks exploiting the CVE-2022-24086 flaw

Researchers analyzed a new JavaScript skimmer used by Magecart threat actors

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service

DoJ resentenced former BreachForums admin to three years in prison

Apple backports fix for actively exploited CVE-2025-43300

New supply chain attack hits npm registry, compromising 40+ packages

Cybercrime group accessed Google Law Enforcement Request System (LERS)

QUICK LINKS

Magento

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!