Vulnerability cyber

Adobe Commerce

Oct 7, 2024 1 min read
Adobe Commerce

Over 4,000 Adobe Commerce and Magento stores were hacked through the exploitation of a critical vulnerability, identified as CosmicSting (CVE-2024-34102). This attack allowed unauthorized reading of files, including passwords and other sensitive data. The attackers typically stole a secret cryptographic key and modified CMS blocks via the Magento API to inject malicious Javascript aimed at customer data theft. The exploitation led to the installation of payment skimmers in 5% of all Adobe Commerce and Magento store checkouts. Major organizations, such as Ray-Ban and Cisco, were affected, resulting in potentially severe financial and reputational damage.

Source: https://securityaffairs.com/169316/cyber-crime/4000-unpatched-adobe-commerce-and-magento-stores-hacked.html

"id": "ado000100724",
"linkid": "adobe-commerce",
"type": "Vulnerability",
"date": "10/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.