The Hacker News

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Magento flaw allows unauthenticated file uploads up to 2.4.9-alpha2, enabling RCE or takeover, exposing stores to attack risk ...
SecurityWeek

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

Over 7,500 Magento sites, including major brands and government services, were hit in an ongoing mass-defacement campaign.

New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 ...
Security Boulevard

Evan Rowe

What happened A newly disclosed vulnerability dubbed PolyShell affects stable Magento Open Source and Adobe Commerce version ...
Onrec

The Importance of Custom Magento Development for Competitive eCommerce Stores

The eCommerce industry continues to grow at an incredible pace, and with this rapid expansion comes fierce competition. Online stores are no longer judged simply by the products they sell. Today’s ...
CSOonline

Adobe Commerce and Magento users: Patch critical SessionReaper flaw now

A critical vulnerability that could lead to account takeover and remote code execution has been patched in Magento and Adobe Commerce. Security experts warn of exploits soon. Adobe issued an emergency ...