PolyShell
PolyShell attacks target 56% of all vulnerable Magento stores
Attacks leveraging the ‘PolyShell’ vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. According to eCommerce security company Sansec, hackers started exploiting the critical PolyShell issue en masse last week, just two days after public disclosure. “Mass exploitation of PolyShell started on March 19th, and […]
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
A newly disclosed vulnerability dubbed ‘PolyShell’ affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover. There are no signs of the issue being actively exploited in the wild, but eCommerce security company Sansec warns that “the exploit method is circulating already” and expects automated attacks […]