{
  "canonical_id": "magento-open-source--48afb07030",
  "system_id": "magento-open-source",
  "title": "Magento security extentions vendor got hacked   2019-10-07  The store of a US Magento extension vendor was found compromised. Attackers had write access to the server selling extensions. We are awaiting a statement on the integrity of downloaded software. Our malware crawlers detected a compromise of Extendware, a vendor of Magento extensions such as &quo...   skimming",
  "reasons": [
    "missing affected/fixed version details"
  ],
  "candidate_count": 1,
  "references": [
    "https://sansec.io/research/magento-plugin-vendor-compromised"
  ]
}