-
Over a thousand online shops hacked to show fake product listings
A phishing campaign dubbed 'Phish n' Ships' has been underway since at least 2019, infecting over a thousand legitimate online stores to promote fake product listings for hard-to-find items.
- October 31, 2024
- 09:00 AM
0
-
Hackers inject malicious JS in Cisco store to steal credit cards, credentials
Cisco's site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided at checkout.
- September 04, 2024
- 11:48 AM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Fraud ring pushes 600+ fake web shops via Facebook ads
A malicious fraud campaign dubbed "ERIAKOS" promotes more than 600 fake web shops through Facebook advertisements to steal visitors' personal and financial information.
- July 31, 2024
- 10:14 AM
- 1
-
Facebook PrestaShop module exploited to steal credit cards
Hackers are exploiting a flaw in a premium Facebook module for PrestaShop named pkfacebook to deploy a card skimmer on vulnerable e-commerce sites and steal people's payment credit card details.
- June 23, 2024
- 10:08 AM
- 0
-
CosmicSting flaw impacts 75% of Adobe Commerce, Magento sites
A vulnerability dubbed "CosmicSting" impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update has been made available, leaving millions of sites open to catastrophic attacks.
- June 20, 2024
- 04:02 PM
- 0
-
Massive webshop fraud ring steals credit cards from 850,000 people
A massive network of 75,000 fake online shops called 'BogusBazaar' tricked over 850,000 people in the US and Europe into making purchases, allowing the criminals to steal credit card information and attempt to process an estimated $50 million in fake orders.
- May 08, 2024
- 10:53 AM
- 3
-
Europol warns 443 online shops infected with credit card stealers
Europol has notified over 400 websites that their online shops have been hacked with malicious scripts that steal debit and credit cards from customers making purchases.
- December 22, 2023
- 09:50 AM
- 0
-
Ace Hardware says 1,202 devices were hit during cyberattack
Ace Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers.
- November 02, 2023
- 04:52 PM
- 4
-
Hackers hijack legitimate sites to host credit card stealer scripts
A new Magecart credit card stealing campaign hijacks legitimate sites to act as "makeshift" command and control (C2) servers to inject and hide the skimmers on targeted eCommerce sites.
- June 04, 2023
- 10:16 AM
- 0
-
Online sellers targeted by new information-stealing malware campaign
Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials for more damaging attacks.
- June 03, 2023
- 11:52 AM
- 1
-
Hackers swap stealth for realistic checkout forms to steal credit cards
Hackers are hijacking online stores to display modern, realistic-looking fake payment forms to steal credit cards from unsuspecting customers.
- April 28, 2023
- 12:41 PM
- 1
-
PrestaShop fixes bug that lets any backend user delete databases
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions.
- April 26, 2023
- 03:30 PM
- 0
-
LEGO BrickLink bugs let hackers hijack accounts, breach servers
Security analysts have discovered two API security vulnerabilities in BrickLink.com, LEGO Group's official second-hand and vintage marketplace for LEGO bricks.
- December 15, 2022
- 08:00 AM
- 0
-
Critical Magento vulnerability targeted in new surge of attacks
Researchers have observed a surge in hacking attempts targeting CVE-2022-24086, a critical Magento 2 vulnerability allowing unauthenticated attackers to execute code on unpatched sites.
- September 22, 2022
- 11:52 AM
- 0
-
Hackers exploited PrestaShop zero-day to breach online stores
Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.
- July 25, 2022
- 12:16 PM
- 0
-
E-commerce giant Mercado Libre confirms source code data breach
E-commerce giant Mercado Libre has confirmed "unauthorized access" to a part of its source code this week. Mercado additionally says data of around 300,000 of its users was accessed by threat actors.
- March 08, 2022
- 06:51 AM
- 0
-
FBI: Online shoppers risk losing over $53M to holiday scams
The Federal Bureau of Investigation (FBI) warned today that online shoppers risk losing more than $53 million during this year's holiday season to scams promising bargains and hard-to-find gifts.
- November 24, 2021
- 12:13 PM
- 0
-
UK govt warns thousands of SMBs their online stores were hacked
The UK's National Cyber Security Centre (NCSC) says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal the payment info of customers.
- November 22, 2021
- 03:05 PM
- 0
-
WooCommerce fixes vulnerability exposing 5 million sites to data theft
WooCommerce, the popular e-commerce plugin for the WordPress content management system has been updated to patch a serious vulnerability that could be exploited without authentication.
- July 15, 2021
- 12:08 PM
- 2
-
E-commerce giant suffers major data breach in Codecov incident
E-commerce platform Mercari has disclosed a major data breach incident that occurred due to exposure from the Codecov supply-chain attack. Mercari is a publicly traded Japanese company and an online marketplace that has recently expanded its operations to the United States and the United Kingdom.
- May 21, 2021
- 05:26 AM
- 0
