PC World

Magento database tool Magmi has a zero-day vulnerability

An open-source tool for importing content into the Magento e-commerce platform, called Magmi, has a zero-day vulnerability, according to security vendor Trustwave. The directory traversal flaw is in ...
Bleeping Computer

Researchers Discover Self-Healing Malware That Targets Magento Stores

Dutch malware experts have found a new malware strain that targets online shops running on the Magento platform, which can self-heal using code hidden in the website's database. While this is not the ...
Computerworld

How to copy a Magento installation to a new domain

Moving a Magento e-commerce site to a new domain name by copying an existing installation can be a confusing task if you don’t know where to begin. If you find yourself in need of doing this, use this ...
Bleeping Computer

Magento plugin Magmi vulnerable to hijacking admin sessions

A cross-site request forgery (CSRF) vulnerability continues to be present in the Magmi plugin for Magento online stores, despite developers receiving a report from researchers that discovered it.
Threat Post

Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws

Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites. Researchers have disclosed two flaws that could enable remote code execution attacks ...
Ars Technica

Supplier JSON/YAML product data feed consolidation and integration in Magento

Looking for a general ballpark figure for a solution to integrate three supplier JSON/YAML product data feeds into our Magento database for product and stock status updates once daily. I'm not sure ...