Attackers are exploiting the SessionReaper vulnerability in Magento, despite an available patch, causing widespread risk of full shop compromise. Security experts emphasize the importance of urgent patching, layered defenses, and monitoring to prevent exploitation. #SessionReaper #MagentoVulnerability
Keypoints
- The SessionReaper flaw (CVE-2025-54236) allows remote code execution through nested deserialization attacks in Magento.
- Six weeks after the patch release, only 38% of Magento stores have installed it, leaving many vulnerable to exploitation.
- Attackers are conducting automated scans, dropping web shells, and deploying payloads like PHP web shells and info probes.
- The attack pattern is similar to past high-impact eCommerce security breaches like Shoplift and CosmicSting.
- Experts recommend immediate patch deployment, web application firewalls, and comprehensive scanning to mitigate risks.
Read More: https://thecyberexpress.com/sessionreaper-exploits-erupt/