Security Center

Get the latest patches, security updates, and best practices for your Magento sites

New Security Update

Install critical updates for Magento 1.x and Magento 2.x versions

Authored by:

Magento Security Team

Mar 30, 2016

Important information on how Magento 2.0 handles anonymous web APIs

Mar 16, 2016

A newly-identified malware appears to capture checkout information, including credit card data, from infected sites

Feb 18, 2016

Update to the Shoplift vulnerability - be sure to apply all official Magento security patches

Feb 11, 2016

Review your site and make sure to implement all Magento security updates

Dec 8, 2015

How to outsmart the bad guys

Nov 30, 2015

The results are in!

Nov 16, 2015

Malware deployed on site can collect and forward credit card information

Oct 31, 2015

It is critical that this patch is implemented as soon as possible

Oct 19, 2015

We are actively investigating reports of Magento sites being targeted by Guruincsite malware (Neutrino exploit kit)

Oct 8, 2015

New vulnerabilities identified for sites using Nginx and the Magmi data import tool