Hackers exploited PrestaShop zero-day to breach online stores

Gandalf_The_Grey

Gandalf_The_Grey

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Apr 24, 2016
7,738
6
81,344
8,389
54
The Netherlands
Content source
https://www.bleepingcomputer.com/news/security/hackers-exploited-prestashop-zero-day-to-breach-online-stores/
Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.

The PrestaShop team issued an urgent warning last Friday, urging the admins of 300,000 shops using its software to review their security stance after cyberattacks were discovered targeting the platform.

The attack appears to impact PrestaShop versions 1.6.0.10 or later and versions 1.7.8.2 or later if they run modules vulnerable to SQL injection, such as the Wishlist 2.0.0 to 2.1.0 module.

The actively exploited vulnerability is being tracked with the identifier CVE-2022-36408.
Click to expand...
www.bleepingcomputer.com

Hackers exploited PrestaShop zero-day to breach online stores

Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: upnorth and harlan4096
You must log in or register to reply here.

You may also like...