Hackers are widely exploiting a 2017 vulnerability in a Magento plug-in that allows them to take over a user’s e-commerce website and embed malicious code that enables the skimming of credit card data.
Magento, bought by Adobe for $1.68 billion in May 2018, is an open-source ecommerce platform that lets users build online stores/process payments. Due to the nature of the data it processes it is a prime target for threat actors looking to steal shoppers’ financial credentials.
It has persistently proven a juicy vector for attacks.
The FBI warned in a flash alert earlier this month