Latest E-Commerce news

Facebook PrestaShop module exploited to steal credit cards

Hackers are exploiting a flaw in a premium Facebook module for PrestaShop named pkfacebook to deploy a card skimmer on vulnerable e-commerce sites and steal people's payment credit card details.
- Bill Toulas
- June 23, 2024
- 10:08 AM
- 0
CosmicSting flaw impacts 75% of Adobe Commerce, Magento sites

A vulnerability dubbed "CosmicSting" impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update has been made available, leaving millions of sites open to catastrophic attacks.
- Bill Toulas
- June 20, 2024
- 04:02 PM
- 0
Massive webshop fraud ring steals credit cards from 850,000 people

A massive network of 75,000 fake online shops called 'BogusBazaar' tricked over 850,000 people in the US and Europe into making purchases, allowing the criminals to steal credit card information and attempt to process an estimated $50 million in fake orders.
- Bill Toulas
- May 08, 2024
- 10:53 AM
- 3
Europol warns 443 online shops infected with credit card stealers

Europol has notified over 400 websites that their online shops have been hacked with malicious scripts that steal debit and credit cards from customers making purchases.
- Bill Toulas
- December 22, 2023
- 09:50 AM
- 0
Ace Hardware says 1,202 devices were hit during cyberattack

Ace Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers.
- Bill Toulas
- November 02, 2023
- 04:52 PM
- 4
Hackers hijack legitimate sites to host credit card stealer scripts

A new Magecart credit card stealing campaign hijacks legitimate sites to act as "makeshift" command and control (C2) servers to inject and hide the skimmers on targeted eCommerce sites.
- Bill Toulas
- June 04, 2023
- 10:16 AM
- 0
Online sellers targeted by new information-stealing malware campaign

Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials for more damaging attacks.
- Lawrence Abrams
- June 03, 2023
- 11:52 AM
- 1
Hackers swap stealth for realistic checkout forms to steal credit cards

Hackers are hijacking online stores to display modern, realistic-looking fake payment forms to steal credit cards from unsuspecting customers.
- Bill Toulas
- April 28, 2023
- 12:41 PM
- 1
PrestaShop fixes bug that lets any backend user delete databases

The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions.
- Bill Toulas
- April 26, 2023
- 03:30 PM
- 0
LEGO BrickLink bugs let hackers hijack accounts, breach servers

Security analysts have discovered two API security vulnerabilities in BrickLink.com, LEGO Group's official second-hand and vintage marketplace for LEGO bricks.
- Bill Toulas
- December 15, 2022
- 08:00 AM
- 0
Critical Magento vulnerability targeted in new surge of attacks

Researchers have observed a surge in hacking attempts targeting CVE-2022-24086, a critical Magento 2 vulnerability allowing unauthenticated attackers to execute code on unpatched sites.
- Bill Toulas
- September 22, 2022
- 11:52 AM
- 0
Hackers exploited PrestaShop zero-day to breach online stores

Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.
- Bill Toulas
- July 25, 2022
- 12:16 PM
- 0
E-commerce giant Mercado Libre confirms source code data breach

E-commerce giant Mercado Libre has confirmed "unauthorized access" to a part of its source code this week. Mercado additionally says data of around 300,000 of its users was accessed by threat actors.
- Ax Sharma
- March 08, 2022
- 06:51 AM
- 0
FBI: Online shoppers risk losing over $53M to holiday scams

The Federal Bureau of Investigation (FBI) warned today that online shoppers risk losing more than $53 million during this year's holiday season to scams promising bargains and hard-to-find gifts.
- Sergiu Gatlan
- November 24, 2021
- 12:13 PM
- 0
UK govt warns thousands of SMBs their online stores were hacked

The UK's National Cyber Security Centre (NCSC) says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal the payment info of customers.
- Sergiu Gatlan
- November 22, 2021
- 03:05 PM
- 0
WooCommerce fixes vulnerability exposing 5 million sites to data theft

WooCommerce, the popular e-commerce plugin for the WordPress content management system has been updated to patch a serious vulnerability that could be exploited without authentication.
- Ionut Ilascu
- July 15, 2021
- 12:08 PM
- 2
E-commerce giant suffers major data breach in Codecov incident

E-commerce platform Mercari has disclosed a major data breach incident that occurred due to exposure from the Codecov supply-chain attack. Mercari is a publicly traded Japanese company and an online marketplace that has recently expanded its operations to the United States and the United Kingdom.
- Ax Sharma
- May 21, 2021
- 05:26 AM
- 0
Stealthy Magecart malware mistakenly leaks list of hacked stores

A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan (RAT) on compromised e-commerce sites.
- Sergiu Gatlan
- December 18, 2020
- 02:47 PM
- 0
Rakuten sends cashback emails to customers in error

Japanese e-commerce giant Rakuten had sent email notifications yesterday to many of its customers congratulating them on newly earned cashback. Today, they took their words (and the cash) back.
- Ax Sharma
- November 12, 2020
- 06:20 AM
- 1
Louis Vuitton fixes data leak and account takeover vulnerability

French fashion and luxury merchandise company Louis Vuitton has quietly patched a security vulnerability on its website that allowed for user account enumeration and even allowed account takeover via password resets.
- Ax Sharma
- September 25, 2020
- 03:51 PM
- 1