E-Commerce Chaos: 250 Attacks Exploit Adobe Commerce Flaw in 24 Hours!
Hackers exploit CVE-2025-54236 in Adobe Commerce and Magento to hijack accounts. Over 250 attacks hit in just 24 hours. It’s a critical situation as only 38% of stores are patched. If you’re using these platforms, patch immediately or face the wrath of SessionReaper—it’s not a Halloween prank!
Hot Take:
Oh, Adobe Commerce and Magento, you just had to go and get yourselves into trouble again! CVE-2025-54236, or as the cool kids call it, SessionReaper, is out here turning e-commerce sites into a hacker’s playground. With over 250 attacks in just 24 hours, it seems like everyone’s trying to get in on the action. It’s like Black Friday for cybercriminals, and the deals are on your customer accounts! Patch it up, folks, before your store becomes an all-you-can-hack buffet!
Key Points:
- A critical flaw, CVE-2025-54236, is affecting Adobe Commerce and Magento.
- Over 250 attacks have been recorded in a 24-hour period.
- The flaw, dubbed SessionReaper, allows account hijacking and remote code execution.
- Only 38% of stores have patched the vulnerability, leaving 62% at risk.
- Sansec has identified multiple IPs involved in the attacks.