Magento supply chain attack compromises hundreds of e-stores
A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational. [...]
Stay updated on the latest compromise incidents in infosec. Discover how breaches occur and learn strategies to protect your data and networks.
Search across headline titles and summaries.
Background for this topic.
Compromise in information security means unauthorized access or control over a system, network, or data, often resulting from exploiting vulnerabilities like software bugs, weak credentials, or misconfigurations. It indicates that an attacker has bypassed security measures to read, modify, or disrupt resources without permission.
Such compromises pose risks including data theft, unauthorized system manipulation, and persistent attacker presence. Detecting and containing compromises requires monitoring for unusual activity, applying timely patches, and enforcing strong access controls to limit attacker movement and reduce the impact of exploited weaknesses.
A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational. [...]
Threat actors are intensifying internet-wide scanning for Git configuration files that can reveal sensitive secrets and authentication tokens used to compromise cloud services and source code repositories. [...]
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised. [...]