Sansec Uncovers Supply Chain Attack via 21 Compromised Magento Extensions

Sansec has discovered a supply chain attack through 21 compromised Magento extensions, affecting between 500 and 1,000 e-commerce stores, including a multinational company worth 40 billion dollars. Researchers reported that several suppliers were hacked in a coordinated attack, with a backdoor hidden in 21 applications. The malicious code was injected six years ago.