A serious vulnerability in the shopping cart software Magento enables merchants 140,000 at risk of being hacked, warns the Dutch hosting company Byte. The vulnerability was in February by the developers patched but examining Byte April 14 shows that 60% of merchants who still uses a vulnerable version running on Magento. That equates to 140,000 shops.
There are no observed attacks yet, but if there is an exploit appears Byte expects all vulnerable web shops will be hacked within 48 hours. To help, there is a merchants website appeared online that reports whether the shop is vulnerable or not. In addition, administrators are advised to install the update. According to an employee of security firm Check Point on Reddit , the company will next week more details about the vulnerability publicly, but no exploit code. Or the employee states that it is a very serious leak.
No comments:
Post a Comment