PolyShell attacks target 56% of all vulnerable Magento stores

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...
The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

Huge numbers of web stores are facing attack from dangerous new malware

Hackers are actively using PolyShell against major brands and other ecommerce sites.
MUO on MSN

Extensions, plugins, and add-ons aren't the same thing — and I've been mixing them up for years

Three names, three roles, and I mixed them up without realizing it.

A simple coding mistake is exposing API keys across thousands of websites

A large-scale study has revealed that websites are unintentionally exposing API keys tied to services like AWS, Stripe, and OpenAI, with most leaks traced back to publicly accessible JavaScript files.
CMSWire

The 5-Step Martech Reality Check for Marketing Leaders

With 15,384 commercial martech tools in the 2025 landscape and AI-powered pitches arriving daily, the biggest risk for ...