Hackers Exploit Magento Theme Vulnerability to Inject Malware on 5,000 Sites
A critical vulnerability in a widely-distributed Magento theme has been exploited by hackers to inject malware onto approximately 5,000 e-commerce sites.
Magento Security Patch Released to Fix Critical Flaw Affecting Older Versions
Adobe released a critical security patch (APSB26-49) on May 12, 2026, to address a severe vulnerability in Magento affecting versions from 2.4.4 through 2.
FBI Warns Magento Site Owners About Active Exploitation of CVE-2026-12.5
While the specific CVE designation "CVE-2026-12.5" does not exist in official vulnerability databases and does not follow standard CVE formatting...
Magento Sites Hit by Massive Botnet Attack Targeting Yoast SEO Specific Vulnerability
A coordinated botnet campaign has been actively targeting Magento e-commerce sites to exploit a known vulnerability in Yoast SEO installations, forcing...
New Zero Day Magento Vulnerability Lets Hackers Take Over Sites in Seconds
A critical zero-day vulnerability in Magento called PolyShell enables attackers to take over e-commerce sites without authentication, requiring no user...
Magento Plugin With 12.5 Million Installs Discovered to Have Backdoor Malware
A Magento plugin with 12.5 million installations worldwide has been found to contain a backdoor vulnerability, exposing millions of e-commerce sites to...
Critical Magento Vulnerability Affects 12.5 Million Sites – Update Required Immediately
A critical vulnerability in Magento and Adobe Commerce has created an urgent security situation affecting e-commerce stores worldwide.
Ghost Vulnerability Database Adds 23 New CVEs This Month
The Ghost Vulnerability Database has identified 23 new CVEs this month, representing a significant uptick in security issues across various software...
Researchers Find 3 Critical Flaws in Popular Contact Form 7 Plugin Used by 4.8 Million Sites
Security researchers have identified three critical vulnerabilities in Contact Form 7, one of WordPress's most widely deployed plugins with 4.
Ghost Admin Accounts Sold on Dark Web for $280 Each According to Report
Reports about dark web pricing for admin accounts have become increasingly detailed in 2025-2026, though specific claims about "$280 Ghost Admin Accounts"...