Adobe Commerce and Magento

Over 4,000 Adobe Commerce and Magento stores suffered a massive security breach due to exploitation of the CosmicSting vulnerability, CVE-2024-34102. This critical flaw allowed attackers to run arbitrary code and install backdoors, jeopardizing sensitive customer and merchant data. Major brands like Ray-Ban, National Geographic, Cisco, Whirlpool, and Segway have been impacted, with attackers deploying payment skimmers in the affected e-stores. Despite Adobe's critical update and warnings, failure to invalidate old cryptographic keys left many merchants exposed, resulting in widespread financial and data losses for both companies and their customers during the summer.

Source: https://securityaffairs.com/169316/cyber-crime/4000-unpatched-adobe-commerce-and-magento-stores-hacked.html

"id": "ado000101024",
"linkid": "adobe-commerce",
"type": "Vulnerability",
"date": "10/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"