Adobe Commerce | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The shortcoming, credited to a researcher named " spacewasp ," was patched by Adobe in June 2024. Dutch security firm Sansec, which has described CosmicSting as the "worst bug to hit Magento and Adobe Commerce stores in two years," said the e-commerce sites are being compromised at the rate of three to five per hour. The flaw has since come under widespread exploitation , prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to the Known Exploited Vulnerabilities (KEV) catalog in mid-July 2024. Some of these attacks involve weaponizing the flaw to ste...

E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023. The attacks, dubbed  Xurum  by Akamai, leverage a now-patched critical security flaw ( CVE-2022-24086 , CVSS score: 9.8) in Adobe Commerce and Magento Open Source that, if successfully exploited, could lead to arbitrary code execution. "The attacker seems to be interested in payment stats from the orders in the victim's Magento store placed in the past 10 days," Akamai researchers  said  in an analysis published last week, attributing the campaign to actors of Russian origin. Some of the websites have also been observed to be infected with simple JavaScript-based skimmers that's designed to collect credit card information and transmit it to a remote server. The exact scale of the campaign remains unclear. In the attack chains observed by the company, CVE-2022-24086 is weaponized for initial access, subsequently exploiting ...

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider's storage security controls and default settings. "In just the past few months, I have witnessed two different methods for executing a ransomware attack using nothing but legitimate cloud security features," warns Brandon Evans, security consultant and SANS Certified Instructor. Halcyon disclosed an attack campaign that leveraged one of Amazon S3's native encryption mechanisms, SSE-C, to encrypt each of the target buckets. A few months prior, security consultant Chris Farris demonstrated how attackers could perform a similar attack using a different AWS security feature, KMS keys with external key material, using simple scripts generated by ChatGPT. "Clearly, this topic is top-of-mind for both threat actors and ...

Adobe on Thursday updated its advisory for an  actively exploited zero-day  affecting Adobe Commerce and Magento Open Source to patch a newly discovered flaw that could be weaponized to achieve arbitrary code execution. Tracked as  CVE-2022-24087 , the issue – like CVE-2022-24086 – is rated 9.8 on the CVSS vulnerability scoring system and relates to an " Improper Input Validation " bug that could result in the execution of malicious code. "We have discovered additional security protections necessary for CVE-2022-24086 and have released an update to address them (CVE-2022-24087)," the company  said  in a revised bulletin. "Adobe is not aware of any exploits in the wild for the issue addressed in this update (CVE-2022-24087)." As before, Adobe Commerce and Magento Open Source versions 2.4.3-p1 and earlier and 2.3.7-p2 and earlier are impacted by CVE-2022-24087, but it's worth noting that versions 2.3.0 to 2.3.3 are not vulnerable. "A new patc...