It has been discovered that a malicious program has been launched, posing a serious threat to thousands of online retailers worldwide, as it exploits vulnerabilities in widely used content management systems. According to security researchers, the attack primarily targets platforms that utilise open-source e-commerce CMS frameworks, such as Magento and WooCommerce, by injecting malicious code into the platform and stealing customer data, compromising checkout pages, and gaining administrative control over backend systems.
In addition to being part of a wider cybercriminal operation, the malware is capable of silently harvesting sensitive information, such as payment details and login credentials, without the user being notified. As a result of this campaign, several online storefronts have already suffered significant losses. Cybersecurity companies, as well as digital commerce platforms, have issued urgent advisories.
Using outdated plugins, unpatched CMS instances, and misconfigured servers, the attackers have been able to distribute the malware on an unprecedented scale. Due to the fact that e-commerce remains a lucrative target for financially motivated threat actors, this incident highlights the importance of merchants regularly updating their systems, monitoring for abnormal activity, and implementing security best practices in order to ensure that they remain secure.
The malware campaign signals an urgent need for immediate defence action, with consumer trust and financial transactions at risk. The followi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: