All news

ecommerce security

(2 articles)
SVG Pixel Trick Hides Magento Credit Card Skimmer

April 8, 2026

SVG Pixel Trick Hides Magento Credit Card Skimmer

Hackers inject a 1x1 SVG pixel with base64-encoded skimmer code into Magento stores, stealing credit card data via fake checkout overlays. Here's what to check.

New 'PolyShell' Flaw Allows Unauthenticated RCE on Magento E-Stores

March 19, 2026

New 'PolyShell' Flaw Allows Unauthenticated RCE on Magento E-Stores

The PolyShell vulnerability lets attackers execute code or hijack accounts on Magento stores without authentication - and exploit code is already circulating.