What happened A newly disclosed vulnerability dubbed PolyShell affects stable Magento Open Source and Adobe Commerce version 2 installations and can allow unauthenticated remote code execution or account takeover, depending on server ...

What happened A large-scale cyberattack campaign compromised more than 7,500 Magento-powered websites since late February 2026, with attackers uploading hidden malicious or defacement files into publicly accessible directories across affected servers. The ...

In the rapidly evolving world of e-commerce, security remains a top priority. As part of our ongoing commitment to safeguarding our clients, we are bringing an important update to your attention regarding ...

Digital attackers created a Magento phishing page that used JavaScript to exfiltrate the login credentials of its victims. Sucuri came across a compromised website using the filename “wp-order.php” during an investigation. This ...

A new vulnerability affecting Windows 10 has been disclosed on Twitter before being patched and it allows attackers to delete system files or to replace sensitive libraries. The vulnerability is located in ...

Security researchers believe the recent data breach announced by British Airways was the result of malicious code being injected into the company’s website to steal information from payment forms. According to researchers ...

Over the past six months, a group of hackers has managed to break into more than 7,000 Magento-based online shops and infected them with malicious code that steals payment card information from ...

Attackers are breaking into online shops built with Magento by exploiting a known cross-site scripting vulnerability within a popular extension used by merchants for customer support. A successful compromise results in malware ...