Daily Security Review
410 episodes
6 days ago
Daily Security Review, the premier source for news and information on security threats, ransomware, and vulnerabilities.
Categories: Technology, News, Tech News
All content for Daily Security Review is the property of Daily Security Review and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
29 minutes
1 week ago

A critical new vulnerability is wreaking havoc across the global e-commerce ecosystem. Tracked as CVE-2025-54236 and dubbed SessionReaper, this flaw affects Adobe Commerce and Magento Open Source platforms, allowing attackers to bypass security features and seize control of customer accounts through the Commerce REST API. Despite Adobe releasing emergency hotfixes on September 9, an alarming 62% of Magento sites remain unpatched, leaving tens of thousands of online stores exposed to active exploitation.

Security firm Sansec first observed a spike in real-world attacks involving PHP webshell payloads and phpinfo probes used for reconnaissance and persistence. The attacks began almost immediately after the vulnerability was disclosed, accelerated by a premature leak of Adobe’s patch that gave adversaries a head start in developing exploits. Now that exploit code is public, experts warn of an impending surge in automated attacks targeting unpatched systems.

Adobe has officially confirmed that the SessionReaper vulnerability is being exploited in the wild, transforming a technical flaw into a full-blown operational crisis for online retailers. Threat actors are using the exploit to hijack customer sessions, manipulate transactions, and exfiltrate sensitive data — threatening both consumer trust and brand integrity.

According to Sansec’s telemetry, more than half of all Magento sites remain vulnerable, creating a massive attack surface for opportunistic cybercriminals. The exploit’s simplicity, combined with the widespread use of outdated Commerce installations, means mass compromise events are likely imminent.

Cybersecurity professionals emphasize that immediate mitigation is non-negotiable. Administrators must apply Adobe’s September 9 hotfix for all affected versions (2.4.4 through 2.4.7) and monitor for unauthorized API activity or unexpected PHP file uploads. With SessionReaper already tearing through unpatched systems, time is the most critical defense.
