And two other security snafus in this web publishing world| www.theregister.com
Adobe released an out-of-band emergency patch for SessionReaper (CVE-2025-54236). The bug may hand control of a store to unauthenticated attackers. Automated...| Sansec
A new attack on Adobe Commerce may break the menu bar for admin users. If your menu bar is missing, someone is stealing your session via CVE-2025-47110.| Sansec
Multiple vendors were hacked in a coordinated supply chain attack, Sansec found 21 applications with the same backdoor. Curiously, the malware was injected 6...| Sansec
Sansec found criminals mass-scanning for defunct.dat files which contain GSocket backdoor keys. A quick scan reveals dozens of infected stores.| Sansec
Increasing use of Content Security Policy (CSP) as PCI-DSS 4.0 goes live on April 1st. However, our research shows that most online stores have not enabled C...| Sansec
Simple, integrated & free CSP monitoring for Magento| Sansec
The new Chinese owner of the popular Polyfill JS project injects malware into more than 100 thousand sites.| Sansec