Dutch security firm Sansec has detected a massive breach of more than 500 stores using Magento 1 e-commerce platform. Hackers used a combination of an SQL injection and PHP Object Injection attack to gain control of the Magento store. Magecart Group 12, known for skimming payment cards, is using an updated attack technique to gain remote administrative access to sites that run an older version of Adobe’s Magento software. Adobe has urged customers to upgrade to the newer platform, but about 95,000 sites still rely on the older version.”]
Source: https://www.bankinfosecurity.com/massive-breach-hits-500-e-commerce-sites-a-18492