Two potential security vulnerabilities have been discovered recently in the Magento ecosystem.
The first one is Nginx, but don’t panic, as this problem affects only some misconfigured Magento sites. Because of the misconfiguration, hackers get access to the Magento cache system. Please note, that cache files can contain such sensitive information as Magento database passwords: with this data, malefactors can access your Magento installation and as a result customer information. Continue Reading