Hackers begin to exploit SessionReaper vulnerability
Hackers are actively exploiting a critical vulnerability (CVE-2025-54236, CVSS 9.1) in Adobe Commerce and Magento Open Source, known as SessionReaper. The flaw, an improper input validation bug, lets an attacker bypass security features and potentially take over customer accounts through the Commerce REST API. Adobe released a hotfix on September 9 (a fix that had already leaked before its official release), yet Sansec estimates only 38% of affected sites have applied it. Sansec has observed roughly 250 attacks so far and expects exploitation to escalate rapidly now that Searchlight Cyber has published technical details. Adobe has confirmed the vulnerability is being exploited in the wild.
Dale Hoak, CISO at RegScale, had this to say:
“The rapid exploitation of SessionReaper underscores how compliance and security controls must operate continuously, not periodically. Many organizations treat patch management and vulnerability response as checklist items, but real resilience comes from continuous monitoring of control drift and evidence of remediation. When technical writeups go public, automation and compliance-as-code can make the difference between being patched in hours versus weeks.”
We are now in an age of patch everything ASAP, before the bad guys pwn you. SessionReaper illustrates how bad things have become and why that has to change.
This entry was posted on October 23, 2025 at 2:51 pm and is filed under Commentary with tags Hacked.