1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Year-old critical Magento flaw still exploited, payment info stolen

Discussion in 'Help Net Security' started by RSS, Feb 16, 2016.

  1. RSS

    RSS New Member Member

    A whole year has passed since a critical e-shop hijacking flaw in the Magento CMS has been patched, but the vulnerability is still being exploited in attacks in the wild, warns Sucuri researcher Denis Sinegubko. At the time, the Magento development team pushed out a patch (SUPEE-5344) but after two whole months, 98,000 online merchants still didn’t implement it. This forced the team to send out email alerts directly to the users, urging them to … More →

    Continue reading...

Share This Page