Pierluigi Paganini
September 17, 2017
Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed also a critical remote code execution vulnerability. Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed numerous flaws, including a critical remote code execution vulnerability. The remote code execution flaw impacts content management system (CMS) and layouts, it could be […]
Pierluigi Paganini
April 14, 2017
An unpatched vulnerability in Magento platform could be exploited by hackers to compromise fully web servers that host the e-commerce sites. An unpatched vulnerability in the Magento e-commerce platform could be exploited by attackers to upload and execute malicious PHP scripts on web servers that host online shops. The vulnerability was reported by experts at […]
Pierluigi Paganini
March 14, 2017
Cybercriminals hijack Magento Realex Payments extension to steal payment card data. Experts at Sucuri are observing massive attacks. Cybercriminals continue to target Magento platform to steal credit card data. Crooks have been abusing a payment module to steal payment card data from online shops running on Magento e-commerce platform. According to experts at security firm Sucuri, […]
Pierluigi Paganini
February 17, 2017
Security experts have discovered a new SQL malware targeting online shops running on Magento that hides the code in the website’s database. Security experts have discovered a new strain of malware that is targeted websites raising Russian the Magento eCommerce platform. The novelty is that this is the first a malware that hides the code in the website’s […]
Pierluigi Paganini
October 19, 2016
Security experts have spotted an interesting exfiltration technique adopted by crooks to exfiltrate card data from Magento platforms. Security experts from Sucuri and RiskIQ have spotted an interesting exfiltration technique adopted by crooks to exfiltrate payment data from compromised e-commerce websites powered by the Magento platform. Cybercriminals have been using image files to store and exfiltrate […]
Pierluigi Paganini
September 26, 2016
Security firm Sucuri published a detailed study, titled Hacked Website Report for 2016/Q2, on compromised websites on the Internet. According to the security expert Daniel Cid from Sucuri, at least 15,769 WordPress websites have been compromised this year. Sucuri has published a report, titled Hacked Website Report for 2016/Q2, related compromised websites on the web. The […]
Pierluigi Paganini
May 18, 2016
The vulnerability CVE-2016-4010 allows an unauthenticated attacker to execute PHP code at the vulnerable Magento server and fully compromise the shop. The Israeli security expert Nethanel Rubin (@na7irub) has reported a critical flaw (CVE-2016-4010) in the eBay Magento e-commerce platform that could be exploited by hackers to completely compromise shops online. The vulnerability rated 9.8/10 has been […]
Pierluigi Paganini
January 26, 2016
A stored cross-site scripting vulnerability in Magento exposes millions of e-commerce websites at risk of takeover, update your platform as soon as possible Once again a vulnerability in the popular Magento e-commerce platform opens at risk of hijacking attacks millions of online merchants. According to the experts at Sucuri, the Magento e-commerce platform was affected by a […]
Pierluigi Paganini
October 30, 2015
The security expert Ebrahim Hegazy has published an interesting post detailing his discovery of a new Magento Remote Code Execution Vulnerability. The popular hacker Ebrahim Hegazy (Aka Zigoo) has discovered a Remote Code Execution Vulnerability that affects the widely adopted application Magento. The experts was analyzing the Magento website whe he discovered the sub-domain http://lavender.dev.magento.com/ supposedly used […]
Pierluigi Paganini
October 20, 2015
Security experts have discovered that thousands of websites running the eBay’s Magento e-commerce platform have been compromised and used to deliver malware. Security experts at Sucuri have discovered a malware campaign that targeted a large number of websites the eBay Magento e-commerce platform. The same campaign was also monitored by the researchers at Malwarebytes which focused their analysis […]
Security / September 16, 2025
