Apr 06, 2024NewsroomSkimmer / Threat Intelligence Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code … [Read more...] about Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
websites
The Danger of Forgotten Pixels on Websites: A New Case Study
Oct 26, 2023The Hacker NewsWeb Security / Data Protection While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and privacy violations even in the absence of hacking incidents. A new case study highlights one of these more common cases. Download the full case study here. It's a scenario that could … [Read more...] about The Danger of Forgotten Pixels on Websites: A New Case Study
Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons
Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases consisting of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C … [Read more...] about Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons
New Golang-based Linux Malware Targeting eCommerce Websites
Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that's capable of stealing payment information from compromised websites. "The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms," researchers from Sansec Threat Research said in an analysis. … [Read more...] about New Golang-based Linux Malware Targeting eCommerce Websites
Crypto scam on Discord uses fake news websites
Since we described how scammers are tricking Discord users into registering on fake cryptocurrency exchanges, they have harnessed new and even more effective techniques. What’s the catch, and can you protect yourself? Origins In the earlier grift, members of Discord cryptocurrency communities received private messages from trading platforms supposedly giving away … [Read more...] about Crypto scam on Discord uses fake news websites
Websites have infected iPhones with spyware
The idea that iPhones are totally immune to threats has been debunked time after time. In fact, though the Apple smartphones may present a smaller target than Android devices, some say you can pick up all sorts of malware just by opening a dangerous website, without knowingly downloading and installing anything from that site. In this post, we find out whether that is … [Read more...] about Websites have infected iPhones with spyware
Cartoon Network Hacked Worldwide to Show Brazilian Stripper Videos
Ricardo Milos joined Ben 10, Adventure Time and We Bare Bear videos on its websites over the weekend. Source link … [Read more...] about Cartoon Network Hacked Worldwide to Show Brazilian Stripper Videos