The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

Huge numbers of web stores are facing attack from dangerous new malware

Hackers are actively using PolyShell against major brands and other ecommerce sites.
Ecommerce Fastlane

How to Get the Most Out of Magento: Partner Selection, Extensions, and Performance

The platform you build on matters less than the partner who helps you build on it. A Magento store with the wrong extensions and a weak development team will ...
Ecommerce Fastlane

Magento Product Reviews: Stop Cart Abandonment

You already know how much effort it takes to drive targeted traffic to your Magento storefront. But when those visitors ...
Bleeping Computer

New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover.
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...