Lucene search
K

20 matches found

The Hacker News
The Hacker News
added 2025/10/13 11:50 a.m.8 views

Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

Think your WAF has you covered? Think again. This holiday season, unmonitored JavaScript is a critical oversight allowing attackers to steal payment data while your WAF and intrusion detection systems see nothing. With the 2025 shopping season weeks away, visibility gaps must close now. Get the...

6.8AI score
Exploits0
Akamai Blog
Akamai Blog
added 2023/12/07 2:0 p.m.15 views

November’s Shopping Holidays: Online Shopping, Sales, and Magecart Attacks

...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/14 1:14 p.m.69 views

Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability

E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023. The attacks, dubbed Xurum by Akamai, leverage a now-patched critical security flaw CVE-2022-24086, CVSS score: 9.8 in Adobe Commerce and Magento Open Source...

10CVSS8.1AI score0.99199EPSS
Exploits5
The Hacker News
The Hacker News
added 2022/07/26 3:9 a.m.58 views

Hackers Exploit PrestaShop Zero-Day to Steal Payment Data from Online Stores

Malicious actors are exploiting a previously unknown security flaw in the open source PrestaShop e-commerce platform to inject malicious skimmer code designed to swipe sensitive information. "Attackers have found a way to use a security vulnerability to carry out arbitrary code execution in serve...

1.4AI score
Exploits2
Malwarebytes
Malwarebytes
added 2022/02/10 1:48 p.m.61 views

A new Magecart campaign is making waves

Malwarebytes’ researchers are closely monitoring web skimmers and have noticed that one of the infamous Magecart groups is causing a rise in the number of attacks while gobbling up over a quarter of the total number of attacks in one campaign. Magecart attacks have increased in the past 30 days i...

7.2AI score
Exploits0
Securelist
Securelist
added 2021/11/23 10:0 a.m.240 views

Cyberthreats to financial organizations in 2022

First of all, we are going to analyze the forecasts we made at the end of 2020 and see how accurate they were. Then we will go through the key events of 2021 relating to attacks on financial organizations. Finally, we will make some forecasts about financial attacks in 2022. Analysis of forecasts...

10CVSS10.5AI score0.99999EPSS
Exploits31
Imperva Blog
Imperva Blog
added 2021/08/17 4:0 p.m.70 views

Brace yourselves: Holiday shopping season is coming

The E-commerce market has seen tremendous revenue growth during the pandemic. Along with that good news for E-business, there has been an increase in fraudulent activities online that may cost retailers over $20 billion in losses by the end of 2021. According to eMarketer, worldwide retail...

7AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/01/26 5:0 a.m.16 views

How Client-Side Protection & Compliance Detects Real-World Magecart Attacks

In this blog, we will take a look at and break down a recent Magecart attack detected and mitigated by Client-Side Protection & Compliance. The impacted customer operates a large international e-commerce business in which one of its websites was compromised with a malicious script...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/11/19 2:2 p.m.34 views

Holidays Are Coming – the State of Security for E-commerce in 2020

With the Coronavirus pandemic driving consumers online, a new report from Imperva reveals how this year’s holiday shopping season will present online retailers with a level of traffic - and cyber-attack threats - like they’ve never seen before. Among the many effects of COVID-19 has been a huge...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/11 10:50 a.m.4 views

Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers

A wave of cyberattacks against retailers running the Magento 1.x e-commerce platform earlier this September has been attributed to one single group, according to the latest research. "This group has carried out a large number of diverse Magecart attacks that often compromise large numbers of...

5.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/11/02 5:16 p.m.15 views

Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach

A popular precious-metals dealer, JM Bullion, has been the victim of a payment-skimmer attack. The company’s response was less than solid gold — it took months to notify its users of the breach. The Dallas-based company sells gold, platinum, silver, copper and palladium bullion, in the form of...

0.1AI score
Exploits0References8
Akamai Blog
Akamai Blog
added 2020/10/19 5:0 p.m.17 views

Akamai Named Gartner Magic Quadrant Leader for Fourth Consecutive Year

Gartner published its 2020 Magic Quadrant for Web Application Firewalls WAFi and named Akamai a Leader for the fourth consecutive year. Gartner's high distinction is market recognition of our completeness of vision and ability to execute. This graphic was published by Gartner, Inc. as part of a...

Exploits0
The Hacker News
The Hacker News
added 2020/06/29 10:22 a.m.3 views

e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata

In what's one of the most innovative hacking campaigns, cybercrime gangs are now hiding malicious code implants in the metadata of image files to covertly steal payment card information entered by visitors on the hacked websites. "We found skimming code hidden within the metadata of an image file...

5.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/06/26 8:18 p.m.65 views

8 U.S. City Websites Targeted in Magecart Attacks

Researchers are warning that the websites of eight U.S. cities – across three states – have been compromised with payment card-stealing Magecart skimmers. The websites all utilize Click2Gov municipality payment software, which was previously involved in data breaches. Unlike other skimmers, which...

8.3AI score0.0552EPSS
Exploits1References14
The Hacker News
The Hacker News
added 2020/01/25 6:39 p.m.7 views

Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks

The Indonesian National Police in a joint press conference with Interpol and cybersecurity firm Group-IB earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online...

5.8AI score
Exploits0
Akamai Blog
Akamai Blog
added 2020/01/24 7:0 p.m.58 views

Protecting Websites from Magecart and Other In-Browser Threats

The Rise of Third-Party Scripts Modern web applications have become increasingly reliant on external code, services and vendors that execute JavaScript code in the browser... often referred to as third-party scripts. As a close-to-home example shown below, Akamai executes dozens of scripts to...

7.8AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2019/09/20 1:5 p.m.44 views

This Week in Security News: Magecart Attacks and Is Your Smart TV Spying on You?

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Magecart attacks and the security implications of PSD2. Also, read about how your smart TV might be leaking your data to the lik...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/08/28 3:37 p.m.45 views

Magecart Hackers Compromise 80 More eCommerce Sites to Steal Credit Cards

Cybersecurity researchers have discovered over 80 Magecart compromised e-commerce websites that were actively sending credit card information of online shoppers to the attackers-controlled servers. Operating their businesses in the United States, Canada, Europe, Latin America, and Asia, many of...

0.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2019/08/07 2:5 p.m.28 views

Digital skimmers: What are they and how can I keep my card details safe online?

A few weeks ago, British Airways was hit by the largest ever regulatory fine of its kind, after global customers visiting its website had their card data stolen. The $228m penalty levied by the UK’s privacy watchdog reflects the seriousness of the attack and the carrier’s failure to protect its...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/15 3:56 p.m.57 views

A week in security (October 8 – 14)

Last week, we warned you away from some dubious Doctor Who streams, explained how Endpoint Detection and Response may not be enough, and explored what happens during a confusing supply chain story. We also showed you how to keep up with security, explained the risks of fake browser updates, and...

Exploits0
Rows per page
Query Builder