The Hacker News

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Magento flaw allows unauthenticated file uploads up to 2.4.9-alpha2, enabling RCE or takeover, exposing stores to attack risk ...

PolyShell attacks target 56% of all vulnerable Magento stores

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...

Hackers are exploiting a vulnerability in lots of e-commerce sites

Magento and Adobe Commerce sites are affected, but a fix is in the works.
Hosted on MSN

Adobe patches 'most severe' flaw in Magento eCommerce platform

Adobe patched a critical Web API flaw in Commerce and Magento The bug, dubbed SessionReaper, scored 9.1/10 and affects multiple versions Researchers warn the leaked hotfix may aid attackers Adobe has ...
SecurityWeek

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

Over 7,500 Magento sites, including major brands and government services, were hit in an ongoing mass-defacement campaign.
Security Boulevard

Evan Rowe

What happened A newly disclosed vulnerability dubbed PolyShell affects stable Magento Open Source and Adobe Commerce version ...