Magento Imagine April 2017

Magento Imagine April 2017

Now in its seventh year, Imagine 2017 will bring together 2,500+ merchants, partners, developers, and commerce experts from 45+ countries to network, exchange ideas, and build relationships. Take a look at all the fun from previous years […] Read more

Malware that just won’t go away

Malware that just won’t go away

A new Magento hack which steals credit card data on checkout has been detected. Unlike other hacks it uses a Magento extension using database triggers to check and reinstall itself if components have been detected and removed. So how do you detect and/or get rid of it? […] Read more

Magento Security Issue

Upgrade Your Site Now

 

Critical security and functional enhancements for Magento 1.x and Magento 2.x are now available.

ENTERPRISE EDITION 1.14.3, COMMUNITY EDITION 1.9.3, AND SUPEE-8788
Enterprise Edition 1.14.3 and Community Edition 1.9.3 deliver over 120 quality improvements, as well as support for PHP 5.6. They also resolve critical security issues, including:

Remote code execution vulnerabilities with certain payment methods
Possibility of SQL injections due to Zend Framework library vulnerabilities
Cross-site scripting (XSS) risks with the Enterprise Edition private sale invitation feature
Improper session invalidation when an Admin user logs out
The ability for unauthorized users to back up Magento files or databases

The SUPEE-8788 patch addresses […] Read more