Informed Webmaster

Admins are encouraged to update their websites to stave off attacks from Magecart card-skimmers and others.


Critical vulnerabilities in Adobe’s Magento e-commerce platform – a favorite target of the Magecart cybergang – could lead to arbitrary code execution.

Adobe issued patches on Tuesday as part of its overall release of the Magento 2.3.4 upgrade, giving the fixes a “priority 2” rating. In Adobe parlance, priority 2 means that administrators should apply the updates within 30 days.

Out of the flaws, Adobe has fixed three that it rates as critical in severity, meaning that successful exploits could “allow malicious native code to execute, potentially without a user being aware.”

Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.

Critical flaws in Adobe’s Magento e-commerce platform – which is commonly targeted by attackers like the Magecart cybergang – could enable arbitrary code execution on affected systems.

Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. Adobe on Tuesday released security updates for flaws affecting Magento Commerce 2 and Magento Open Source 2, versions 2.3.5-p1 and earlier. These included two critical vulnerabilities and two important-severity flaws...

The Magento 1 EOL date has already passed, however it’s evident that a large number of websites will continue to use it for the foreseeable future. Unfortunately, attackers are also aware that many websites are straggling with their Magento migrations and post compromise tools have been created to support deployment for both Magento 1.x and 2.x versions, making it easier for them to exploit a larger number of sites.

Malicious Forbidden Activity

During a recent investigation, our team came across a tool aptly named Forbidden. It allows an attacker to quickly perform a number of malicious functions including adding an admin user, modifying existing users, viewing orders, dumping the website’s configuration data, and removing itself once the attacker is finished with it.

Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites.

Researchers have disclosed two flaws that could enable remote code execution attacks on the Magento Mass Import (Magmi) plugin, an open source database client that imports data into Magento.

A Magento website owner was concerned about malware and reached out to our team for assistance. Upon investigation, we found the website contained a PHP injection in one of the Magento files...