Thousands of Magento Sites Hit in Ongoing Defacement Campaign
"Netcraft reports that over 7,500 Magento sites have been hit in a mass defacement campaign, with threat actors deploying defacement files directly on the affected infrastructure."
"The attacker is likely exploiting an unauthenticated file upload vulnerability impacting Magento Open Source, Magento Enterprise, and Adobe Commerce deployments."
"The campaign affected global brands such as Asus, FedEx, and Toyota, mainly targeting subdomains and regional storefronts, with some production sites briefly defaced."
A mass defacement campaign has impacted over 7,500 Magento sites, deploying plaintext defacement files across more than 15,000 hostnames. Most files contained attacker handles, with some referencing geopolitical conflicts. The campaign appears to exploit an unauthenticated file upload vulnerability in Magento Open Source and Adobe Commerce. Notable brands and organizations, including Asus, FedEx, and the Trump Organization, were affected. The incidents were reported to the defacement archive Zone-H, indicating the threat actor's intent to build a reputation.
Read at SecurityWeek