Widespread CosmicSting attacks hit Adobe Commerce, Magento stores

4 October 2024

Intrusions leveraging CosmicSting have been launched by seven financially motivated threat operations — including Belki, Bobry, Burunduki, Khomyaki, Ondatry, and Surki — against almost 5% of all stores to facilitate Magento cryptographic key exfiltration and payment skimmer injections, according to a report from Sansec. While Whirlpool, Segway, and Ray-Ban are believed to have remediated the issue, other organizations have been urged to immediately upgrade their Adobe Commerce and Magento implementations amid the threat of escalating exploitation.

Source: SC Magazine

Date:

4 October 2024

Categorie(s):

NEWS

Tag(s):

Adobe, Commerce, IT, Magento, Vulnerability Management

Criminals open DocuSign’s Envelope API to make BEC special delivery5 November 2024
Biden administration prepares second executive order on cybersecurity5 November 2024
Link Index for Customer Identity and Access Management5 November 2024
Technical debt, multi-cloud complexity hinder modern tech adoption5 November 2024
FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions5 November 2024