A dangerous wave of attacks exploiting CVE-2025-54236, dubbed “SessionReaper,” in Magento e-commerce platforms. This vulnerability lets attackers bypass authentication by reusing invalid session tokens, paving the way for session hijacking and full server takeovers. Researchers uncovered multiple intrusion campaigns hitting Magento sites worldwide, with over 200 stores suffering root-level compromises. In the most alarming incident, […]

The post Over 200 Magento Stores Compromised In Rootkit Rampage via Zero-Day Exploit appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Varshini

Source: gbHackers
Source Link: https://gbhackers.com/magento-zero-day-roots-200-stores/