Massive Supply Chain Attack Compromises Hundreds of E-commerce Stores
2025-05-11
Hundreds of e-commerce stores, including a $40 billion multinational, are running backdoored versions of popular software. Security firm Sansec discovered that attackers have been actively exploiting these backdoors since at least April 20th. Affected packages are from vendors including Tigren, Magesolution (MGS), Meetanshi, and Weltpixel, released between 2019 and 2022. Attackers compromised vendor servers to inject backdoors, gaining access to all customer stores and their visitors. The backdoor disguises itself as a license check, located in License.php or LicenseApi.php. E-commerce stores using software from these vendors are urged to check their security immediately.
Read more