Criminals have secretly rewired 3,500 online stores to continuously harvest credit card numbers. The fraud can be traced back as far as May 12th 2015, so if you have bought something at one of thes...| Sansec - experts in eCommerce security
The number of hacked Magento 2 stores spiked in the last four weeks, after a critical security flaw was discovered in March and criminals stole admin passwords within 16 hours. Merchants are advise...| Sansec - experts in eCommerce security
Update Feb 21st, 2022: Sansec has observed the first actual attacks in the wild. Patch now! Unfortunately, this validates our previous prediction that abuse would start within days. Attacks are com...| Sansec - experts in eCommerce security
Update June 27th: Adobe has now provided an official, isolated fix that can be applied to installations without requiring upgrade.Update June 27th: our partner Hypernode as actually observed the ...| Sansec - experts in eCommerce security
Almost a month ago, we warned about the CosmicSting attack that threatens 75% of Adobe Commerce stores. Sansec now observes mass-abuse of this vulnerability ...| Sansec
Attackers are abusing Google services like Translate and YouTube to bypass security measures and execute malicious campaigns. Recent incidents and strategies...| Sansec
Cybercriminals have hacked 5% of all Adobe Commerce and Magento stores this summer. Among the victims are large international brands. Seven distinct groups a...| Sansec
In our previous posts, we discussed how threat actors were abusing CosmicSting by injecting malicious scripts into CMS blocks. While these attacks continue, ...| Sansec
CosmicSting (aka CVE-2024-34102) is the worst bug to hit Magento and Adobe Commerce stores in two years. Sansec observes that stores are getting hacked at a ...| Sansec
Browser-based protection can easily be bypassed by the majority of digital skimming attacks.| Sansec