The Hacker News

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Magento flaw allows unauthenticated file uploads up to 2.4.9-alpha2, enabling RCE or takeover, exposing stores to attack risk ...
SecurityWeek

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

Over 7,500 Magento sites, including major brands and government services, were hit in an ongoing mass-defacement campaign.

New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 ...
TechRadar

Best Magento hosting of 2025

We feature the best Magento hosting providers, to make it simple and easy to set up and run Magento ecommerce features for your growing business. Magento (now known as Adobe Commerce) is one of the ...
TechRadar

What is Magento hosting? A definitive guide

Magento is a popular ecommerce platform that helps businesses create and manage their online stores. But in order to run a Magento store, businesses need to host their website on a server. This is ...
Hosted on MSN

Hundreds of Adobe Magento stores hit after critical security flaw found - here's what we know

CVE-2025-54236 is actively exploited to hijack accounts via Magento’s REST API Over 250 attacks in 24 hours; most stores remain unpatched six weeks after fix Attackers upload PHP backdoors using fake ...
Bleeping Computer

Magento stores hit by largest automated hacking attack since 2015

In the largest automated hacking campaign against Magento sites, attackers compromised almost 2,000 online stores this weekend to steal credit cards. Adobe Magento is a popular eCommerce platform that ...