Magento Stores Hacked as New Adobe Flaw Exploited

Hackers have launched a widespread cyberattack targeting over 250 Magento stores overnight, exploiting a newly disclosed vulnerability in Adobe Commerce and Magento Open Source. Security firm Sansec reported the intrusion attempts, warning that attackers are actively taking advantage of CVE-2025-54236—an improper input validation flaw with a critical CVSS score of 9.1.

The company detected hundreds of attacks within just 24 hours, signaling a coordinated campaign aimed at compromising e-commerce platforms. Magento stores hacked in this wave are at risk of data theft and unauthorized access, potentially leading to financial losses for merchants and customers alike.

Adobe has yet to issue a specific response in the summary, but security analysts are urging administrators to apply available patches immediately. The vulnerability’s severity underscores the importance of timely updates and monitoring for suspicious activity across digital storefronts.

For more detailed information, read the full report at the following link:
https://thehackernews.com/2025/10/over-250-magento-stores-hit-overnight.html