Major supply chain attack was six years in the making
Sansec researchers say they have uncovered a supply chain attack involving 21 backdoored Magento extensions, affecting between 500 and 1,000 e-commerce stores. The researchers say the code was planted six years ago and just discovered recently when threat actors compromised a number of e-commerce servers. The attack involved breaching the download servers of Magesolution, Meetanshi and Tigren.
Full Story: Security Affairs (5/6)