Nuacht

The Hacker News

Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts

The vulnerability, tracked as CVE-2025-54236 (aka SessionReaper), carries a CVSS score of 9.1 out of a maximum of 10.0. It ...
Threat Post

Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack

The vendor issued an emergency fix on Sunday, and eCommerce websites should update ASAP to avoid Magecart card-skimming attacks and other problems. A zero-day remote code-execution (RCE) bug in the ...
ZDNet

Hackers abuse Magento PayPal integration to test validity of stolen credit cards

Hacker groups and online fraudsters are abusing a feature of Magento online shops to test the validity of stolen debit and credit card numbers, ZDNet has learned. The technique consists of attackers ...