As you have probably already learned from the relevant media, a critical security vulnerability (ZERO-Day) has become known for Magento 2. Under the designation APSB22-12, the vulnerability CVE-2022-24086 is listed, which is already actively exploited.
You have probably already heard that a standard library for Java, “log4j”, is currently exposed to attacks. With this vulnerability, attackers may be able to execute malicious code on your system. Magento is based on PHP and is therefore not affected by this vulnerability. However, it is possible that other software you use is vulnerable.Continue reading “log4j – Vulnerability in Magento?”
You may have already heard it from your hoster: PHP 7.2 is being discontinued. But what does that mean for your Magento 1 store? (Picture: https://unsplash.com/@benofthenorth) (Deutsche Version weiter unten / German version below) If you want to know how long the PHP version you are using on your server will still be supported byContinue reading “PHP 7.2 support is discontinued – what about Magento 1 under PHP 7.3, 7.4 and PHP 8?”
Seven new patches have been released.
Plus invoices can now be downloaded.
Five new patches have been released. Two of them are high or critical!
Three new patches have been released. Two of them are critical.
Last weekend there was a hacker attack affecting about 2000 Magento 1 stores. In this newsletter we explain what we know about it and what you can do to protect your store.We also take this opportunity to thank our partner sansec.io for their support in researching these attacks. What happened? We received the message that last weekend about 2000 Magento 1 storesContinue reading “Hacker attacking Magento”
Two new patches have been released, adding PHP 7.3 compatibility and improving the clearing of session data with parallel logins.
Magento 1 has stirred up the market of open source e-commerce systems and has become one of the most popular e-commerce systems in the world within a short time. For over a decade, small and large retailers have been relying on it. Since Magento announced that it will discontinue official safety updates in June 2020Continue reading “Magento 1 & Mage One vs. Relaunch ~ When is the change worthwhile?”
This patch sends all cookies with a “secure” marker set. This results in sending the cookies solely via HTTPS.