Security Intelligence for Adobe Commerce

Security researcher Hunter Heaivilin has been mapping a skimming operation called GorgonAgora since August 2025. The dataset he handed to Sansec confirmed 4,880 fake storefronts — and urlscan.io’s CSS fingerprint matching suggests the real number is already above 6,000.

The attack pattern …

A skimming operation tracked as GorgonAgora is running over 4,800 fake storefronts that impersonate real brands and steal payment data from anyone who checks out. Independent researcher Hunter Heai…

Read Full Article on Sansec.io →

Sansec is proud to add Sylius to our list of supported platforms. Sansec eComscan now integrates with Sylius 1 and Sylius 2 and will run deep searches to hunt for malware & vulnerabilities.Whi…

Read Full Article on Sansec.io →

🔴 Severity: CRITICAL (CVSS 9.8)

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers …

Sansec discovered an unauthenticated PHP object injection vulnerability in Mirasvit Cache Warmer, a full-page cache extension for Magento and Adobe Commerce. Any storefront request carrying a craft…

Read Full Article on Sansec.io →