Threat Post

Magecart Cybergang Targets 0days in Third-Party Magento Extensions

Over two dozen third-party ecommerce plugins contain zero-day vulnerabilities being exploited in a recent Magecart campaign. Criminals behind the Magecart gang have shifted tactics, and are now ...
ZDNet

Magecart group leverages zero-days in 20 Magento extensions

Hackers are (ab)using unpatched zero-day vulnerabilities in approximately 20 Magento extensions to plant payment card skimmers on online stores, according to Dutch security expert Willem de Groot. The ...
Bleeping Computer

Magento supply chain attack compromises hundreds of e-stores

A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational. Sansec researchers who ...