Bleeping Computer

Magento plugin Magmi vulnerable to hijacking admin sessions

A cross-site request forgery (CSRF) vulnerability continues to be present in the Magmi plugin for Magento online stores, despite developers receiving a report from researchers that discovered it.
ZDNet

FBI warns about attacks on Magento online stores via old plugin vulnerability

The FBI says hackers are exploiting a three-year-old vulnerability in a Magento plugin to take over online stores and plant a malicious script that records and steals buyers' payment card data. This ...
CNBC Africa

KWIK DELIVERY releases new plugin for Magento Delivery plugin and version 2.0 of its ...

Content provided by APO Group. CNBC Africa provides content from APO Group as a service to its readers and does not edit the articles it publishes. CNBC Africa is not responsible for the content ...
Graham Cluley

FBI warns hackers are planting card skimmers on online stores running a vulnerable Magento ...

ZDNet reports that the FBI has issued a “flash alert” warning that hackers are planting Magecart-style payment card-skimming code on Magento-powered online stores running an out-of-date plugin.