Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life (EOL) and support (EOS) on June 30, 2020, and that those were the final security patches available for Magento Commerce 1.14 and M… Continue reading Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance

FBI warns hackers are planting card skimmers on online stores running a vulnerable Magento plugin

The FBI has issued a “flash alert” warning that hackers are planting Magecart-style credit card-skimming code on Magento-powered online stores running an out-of-date plugin.
Continue reading FBI warns hackers are planting card skimmers on online stores running a vulnerable Magento plugin

How a favicon delivered a web credit card skimmer to victims

Cyber crooks deploying web credit card skimmers on compromised Magento websites have a new trick up their sleeve: favicons that “turn” malicious when victims visit a checkout page. Favicons and card skimmers Favicons is a file containing on… Continue reading How a favicon delivered a web credit card skimmer to victims

Bumper Adobe update fixes flaws in Magento, Bridge and Illustrator

After a light Patch Tuesday earlier this month, Adobe has issued an unexpectedly large bundle of critical security fixes for flaws affecting its Magento, Bridge and Illustrator products. These might look casually out of band but in fact Adobe often sta… Continue reading Bumper Adobe update fixes flaws in Magento, Bridge and Illustrator

Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge

Adobe has pushed out security updates fixing critical flaws in Magento Commerce, Open Source Enterprise and Community editions, Adobe Illustrator 2020 for Windows, and Adobe Bridge for Windows. Magento security update According to the security bulletin… Continue reading Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge

Magento patches critical code execution vulnerabilities, upgrade ASAP!

Adobe-owned Magento has plugged multiple critical vulnerabilities in its eponymous content management system, the most severe of which could be exploited by attackers to achieve arbitrary code execution. About the fixed vulnerabilities According to the… Continue reading Magento patches critical code execution vulnerabilities, upgrade ASAP!

Critical Flaws in Magento e-Commerce Platform Allow Code-Execution

Admins are encouraged to update their websites to stave off attacks from Magecart card-skimmers and others. Continue reading Critical Flaws in Magento e-Commerce Platform Allow Code-Execution

Magento Marketplace Suffers Data Breach Exposing Users’ Account Info

If you have ever registered an account with the official Magento marketplace to bought or sold any extension, plugin, or e-commerce website theme, you must change your password immediately.

Adobe—the company owning Magento e-commerce platform—today di… Continue reading Magento Marketplace Suffers Data Breach Exposing Users’ Account Info