Hackers have started exploiting a critical-severity vulnerability in Adobe Commerce and Magento Open Source, cybersecurity firm Sansec reports.
Tracked as CVE-2025-54236 (CVSS score of 9.1), the flaw is described as an improper input validation issue leading to security feature bypass.
On September 9, Adobe released hotfixes for the security defect, urging users of Commerce and Magento Open Source versions between 2.4.4 and 2.4.7 to update their deployments.
Sansec warned at the time that threat actors were likely working on weaponizing the bug, referred to as SessionReaper, after Adobe’s patch leaked one week before the hotfix was released.
Now, Sansec says active exploitation of CVE-2025-54236 has started, with roughly 250 attacks observed on Wednesday. The identified payloads contained PHP webshells and phpinfo probes.
The exploitation activity is expected to surge quickly, as fewer than half of the affected ecommerce sites have been patched against the vulnerability.
Furthermore, on Wednesday, Searchlight Cyber published technical information on SessionReaper and its exploitation, which is expected to fuel the bug's in-the-wild targeting.
“With exploit details now public and active attacks already observed, we expect mass exploitation within the next 48 hours. Automated scanning and exploitation tools typically emerge quickly after technical writeups are published, and SessionReaper’s high impact makes it an attractive target for attackers,” Sansec notes.
The cybersecurity firm points out that only 38% of stores have applied Adobe's hotfix, meaning that the remaining 62% of Magento stores are at risk.
One of the main issues with the security defect, Adobe warned roughly a month ago, is the fact that it could lead to customer account takeover through the Commerce REST API.
On Wednesday, Adobe updated its advisory to confirm the security defect’s in-the-wild exploitation. “Adobe is aware of CVE-2025-54236 being exploited in the wild,” the update reads.