New research by Sanguine Security shows that cyberattacks on websites relying on e-commerce content management system (CMS) Magento are surging due to increased activity by two hacking groups. The number of hacked websites using Magento 2.x has been doubling every month since March of this year.

The campaigns are exploiting “PRODSECBUG-2198,” a critical SQL injection vulnerability that makes it possible for threat actors to take control of websites that have not installed the security update for this flaw, which was released in March. One threat actor accounts for 70% of breached Magento sites, while a second hacking group is behind 20% of breaches.

Read more: Two hacking groups responsible for huge spike in hacked Magento 2.x stores