All CosmicBytez Labs articles tagged #Magento, across news, security advisories, how-to guides, and projects.
CISA has added a critical remote code execution vulnerability in the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities catalog…
CVSS 9.8 PHP object injection in Mirasvit Full Page Cache Warmer for Magento 2 lets unauthenticated attackers achieve RCE — patch to 1.11.12 now.
A massive campaign targeting nearly 100 Magento e-commerce stores embeds credit card-stealing JavaScript inside a pixel-sized SVG image, bypassing visual...
Mass exploitation is underway against Magento 2 and Adobe Commerce installations using the 'PolyShell' polyglot file upload vulnerability, with attackers...
Cybersecurity researchers have uncovered a sophisticated new payment skimmer that weaponises WebRTC data channels to exfiltrate stolen credit card data...
This week: Russian authorities detain the alleged LeakBase admin weeks after the FBI-led global crackdown on the 147,000-subscriber stolen-data...