Magento 2 Polyshell Vulnerability: Detection and Mitigation Guide
How to guide on checking if your Magento 2 store is safe from the Polyshell vulnerability. And guidance on how to patch and secure your site if it is not.
Adobe Commerce Articles
Articles and guides on Adobe Commerce (Magento), covering development, performance, integrations, and operating scalable ecommerce platforms.
Adobe's Isolated Patch Strategy: A Community Response
Adobe's new monthly isolated patch approach for Magento creates maintenance burden. Here's how a community meta-package can help restore sanity to security patching.
Strengthening Magento 2 Security in CI/CD Pipelines with Sansec Ecomscan
Learn how to integrate Sansec Ecomscan into Magento 2 CI/CD pipelines to detect malware, enforce security patches, and secure build artifacts. Step-by-step guides for GitHub Actions and Bitbucket Pipelines included.
Check if your Magento site is safe from Session Reaper (CVE-2025-54236)
How to guide on checking if your Magento 2 store is safe from the Session Reaper (CVE-2025-54236) exploit. And guidance on how to patch and secure your site if it is not.
Debouncing Magento 2 FPC Purge Requests
Delaying Magento 2 full page cache purges to a set schedule, to improve frontend performance and reduce system load during busy periods such as sales events like black friday.
Magento Trojan Orders (CVE-2022-24086) - addAfterFilterCallback
Magento 2 Trojan Orders (CVE-2022-24086) are back, lets talk about how to patch so we are safe. And other identifiers aside from addAfterFilterCallback
CosmicSting (CVE-2024-34102): Check and Patch Your Magento Store
Free validator tool to check if your Magento 2 store is vulnerable to CosmicSting (CVE-2024-34102) — 6,500+ stores tested, 2,300+ found vulnerable. Step-by-step patching guide included.
Adobe Commerce - Improved Magento Vars Store Code Configuration
A simplified version of the magento-vars.php store code configuration. That catches both CNAME alias' and dynamic integration urls