Threat actors are actively exploiting a critical vulnerability (CVE-2025-54236) in Adobe Commerce and Magento Open Source platforms, leading to over 250 attack attempts in 24 hours. Experts urge website administrators to patch the flaw promptly to prevent further exploitation, as malicious actors upload PHP webshells and extract system information. #AdobeCommerce #MagentoOpenSource #CVE-2025-54236
Keypoints
- Over 250 attack attempts were recorded against Magento stores exploiting CVE-2025-54236 within 24 hours.
- The vulnerability allows remote code execution through improper input validation in the Commerce REST API.
- Malicious actors are deploying PHP webshells and probing system configurations via IP addresses such as 34.227.25.4 and 159.89.12.166.
- Despite a patch being released a month ago, 62% of Magento stores remain vulnerable six weeks later.
- This is the second significant deserialization vulnerability in Magento platforms within a year, following CVE-2024-34102.
Read More: https://thehackernews.com/2025/10/over-250-magento-stores-hit-overnight.html