Quick Takeaways
- Critical Vulnerability Alert: Adobe Commerce and Magento Open Source platforms are facing exploitation of a severe flaw (CVE-2025-54236), with over 250 attacks recorded in just 24 hours.
- Widespread Insecurity: Approximately 62% of Magento stores are still vulnerable to this high-risk flaw, emphasizing the need for urgent patch application.
- Exploitation Tactics: Threat actors are using the vulnerability to upload PHP backdoors and probe server configurations, indicating a high likelihood of account takeovers.
- Historical Context: This incident marks the second significant deserialization vulnerability within Adobe platforms in two years, underscoring ongoing security challenges in the ecosystem.
Over 250 Magento Stores Targeted by Cyberattackers
E-commerce security company Sansec reported a significant surge in cyberattacks targeting Magento platforms: over 250 attack attempts in just 24 hours. Attackers exploited a newly disclosed vulnerability tracked as CVE-2025-54236. The flaw, rated critical with a CVSS score of 9.1, allows attackers to take control of customer accounts via the Commerce REST API. As a result, many store owners now face heightened risk.
Despite Adobe's efforts to address this flaw last month, a striking 62% of Magento stores remain vulnerable. Security researcher Blaklis discovered and responsibly disclosed the issue. Sansec urges administrators to apply the necessary patches now, before attackers broaden their campaign.
Attack Origins and Broader Implications
The attacks reportedly originated from multiple IP addresses. Attackers used the flaw to deploy PHP webshells and to extract PHP configuration details from the server. Moreover, Sansec noted that the exploit attempts often masqueraded as forged sessions while uploading backdoors through specific customer endpoints.
Notably, this is the second significant vulnerability to hit Adobe Commerce and Magento platforms in recent years. A similar flaw, dubbed CosmicSting, carried a CVSS score of 9.8 and likewise saw widespread exploitation in July 2024. With exploit details and proof-of-concept methods now accessible, the urgency of applying the fix promptly has never been clearer. Cybersecurity experts stress that immediate action is needed to protect e-commerce operations.
