Advertisement · 728 × 90
#
Hashtag
#PolyShell
Advertisement · 728 × 90
The New Oil
The New Oil
@thenewoil.org
3 days ago
Preview
PolyShell attacks target 56% of all vulnerable Magento stores Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores.

#PolyShell attacks target 56% of all vulnerable #Magento stores

www.bleepingcomputer.com/news/security/polyshell-...

#cybersecurity #eCommerce

1 0 0 0
The New Oil
The New Oil
@thenewoil.org
1 week ago
Preview
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover.

New ‘#PolyShell’ flaw allows unauthenticated RCE on #Magento e-stores

www.bleepingcomputer.com/news/security/new-polysh...

#cybersecurity

0 0 0 0
Cybersecurity News Everyday
Cybersecurity News Everyday
@hendryadrian.bsky.social
1 week ago
Preview
Thousands of Magento Sites Hit in Ongoing Defacement Campaign A mass defacement campaign has hit over 7,500 Magento sites, placing plaintext defacement files across more than 15,000 hostnames and briefly affecting major brands, government services, universities, and some Trump Organization domains. Netcraft links the incidents to an unauthenticated file-upload vulnerability in Magento/Adobe Commerce while Sansec disclosed a REST API flaw...

Over 7,500 Magento sites defaced in a mass campaign affecting 15,000+ hostnames, including major brands and government domains. Exploits linked to an unauthenticated file-upload flaw and PolyShell REST API bug. #Magento #PolyShell #USA

0 0 0 0
Cybersecurity News Everyday
Cybersecurity News Everyday
@hendryadrian.bsky.social
1 week ago
Preview
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores A newly disclosed vulnerability called "PolyShell" affects all Magento Open Source and Adobe Commerce 2 installations, allowing unauthenticated attackers to upload polyglot files that can enable remote code execution or stored XSS leading to account takeover. Adobe's fix is currently only available in the 2.4.9 second alpha while Sansec warns the exploit method is already circulating and urges immediate mitigations like restricting access to pub/media/custom_options and scanning for shells. #PolyShell #Magento

The new PolyShell flaw in Magento Open Source and Adobe Commerce 2 allows unauthenticated RCE via polyglot file uploads through the REST API, risking stored XSS and account takeover. Patch in 2.4.9 alpha. #PolyShell #MagentoSecurity #Netherlands

0 0 0 0