#sessionreaper — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #sessionreaper, aggregated by home.social.
-
👻 This Halloween, make sure *you* haunt vulnerabilities - not the other way around. 😈
October updates are here, and they’re a real treat for security teams.
Check out the new powers you can use to keep monsters out:
🕸️ Catch 2 new RCEs before attackers do (Fortra GoAnywhere & SolarWinds).
🎯 Validate #SessionReaper safely with Sniper: Auto-Exploiter.
☁️ Scan private Azure environments securely with our new VPN Agent.
📁 Download multiple reports in one go (no more manual horrors).
📚 See how we help MSPs, consultants & internal teams - and hear it from them if we do a good job (or not).🍭 Check the changelog for the full basket: https://pentest-tools.com/change-log
#cybersecurity #vulnerabilitymanagement #offensivesecurity #azure
-
A week in security (October 20 – October 26) https://www.malwarebytes.com/blog/news/2025/10/a-week-in-security-october-20-october-26 #SessionReaper #homedepot #Dolby #News #AI
-
Angreifer attackieren kritische Lücke in #AdobeCommerce und #Magento | Security https://www.heise.de/news/Angreifer-attackieren-kritische-Luecke-in-Adobe-Commerce-und-Magento-10845752.html #SessionReaper #Adobe #AdobeMagento #Patchday
-
SessionReaper Exploits Erupt as Magento Sites Lag on Patching https://thecyberexpress.com/sessionreaper-exploits-erupt/ #SessionReaperExploitation #ExploitedVulnerabilities #VulnerabilitiesPatching #ThreatIntelligence #VulnerabilityNews #Vulnerabilities #CyberEssentials #FirewallDaily #AdobeCommerce #SessionReaper #CyberNews #Magento
-
SessionReaper Exploits Erupt as Magento Sites Lag on Patching https://thecyberexpress.com/sessionreaper-exploits-erupt/ #SessionReaperExploitation #ExploitedVulnerabilities #VulnerabilitiesPatching #ThreatIntelligence #VulnerabilityNews #Vulnerabilities #CyberEssentials #FirewallDaily #AdobeCommerce #SessionReaper #CyberNews #Magento
-
SessionReaper Exploits Erupt as Magento Sites Lag on Patching https://thecyberexpress.com/sessionreaper-exploits-erupt/ #SessionReaperExploitation #ExploitedVulnerabilities #VulnerabilitiesPatching #ThreatIntelligence #VulnerabilityNews #Vulnerabilities #CyberEssentials #FirewallDaily #AdobeCommerce #SessionReaper #CyberNews #Magento
-
SessionReaper Exploits Erupt as Magento Sites Lag on Patching https://thecyberexpress.com/sessionreaper-exploits-erupt/ #SessionReaperExploitation #ExploitedVulnerabilities #VulnerabilitiesPatching #ThreatIntelligence #VulnerabilityNews #Vulnerabilities #CyberEssentials #FirewallDaily #AdobeCommerce #SessionReaper #CyberNews #Magento
-
Thousands of online stores at risk as SessionReaper attacks spread https://www.malwarebytes.com/blog/news/2025/10/thousands-of-online-stores-at-risk-as-sessionreaper-attacks-spread #holidaythreats #SessionReaper #webstores #Threats #magento #News
-
Thousands of online stores at risk as SessionReaper attacks spread https://www.malwarebytes.com/blog/news/2025/10/thousands-of-online-stores-at-risk-as-sessionreaper-attacks-spread #holidaythreats #SessionReaper #webstores #Threats #magento #News
-
Thousands of online stores at risk as SessionReaper attacks spread https://www.malwarebytes.com/blog/news/2025/10/thousands-of-online-stores-at-risk-as-sessionreaper-attacks-spread #holidaythreats #SessionReaper #webstores #Threats #magento #News
-
Thousands of online stores at risk as SessionReaper attacks spread https://www.malwarebytes.com/blog/news/2025/10/thousands-of-online-stores-at-risk-as-sessionreaper-attacks-spread #holidaythreats #SessionReaper #webstores #Threats #magento #News
-
🏴☠️ We built a #SessionReaper (CVE-2025-54236) exploit against Magento 2 & Adobe Commerce and documented the *full* hunt 🔦 — from repo diffs and endpoint discovery to a lab-tested PoC and Sniper automation.
If you research or defend e-commerce apps, this one’s practical: reproducible steps, debug tips, and what to look for on your instances.
Read the full breakdown and PoC by Matei "Mal" Badanoiu (aka CVE Jesus) & David Bors! 👉 https://pentest-tools.com/blog/sessionreaper-cve-2025-54236-exploit
-
⚠️ "Six semaines après le correctif d’urgence d’Adobe pour #SessionReaper (CVE-2025-54236), la vulnérabilité est entrée dans une phase d’exploitation active."
➡️ Selon Sansec Seuls 38 % des sites #Magento sont à jour — 3 sur 5 restent vulnérables à une exécution de code à distance
Détails techniques et timeline complète sur le blog de Sansec.
👇
https://sansec.io/research/sessionreaper-exploitationArticle FR
👇
https://infosec.pub/post/36573308Analyse technique / dff du patch
👇
https://slcyber.io/assetnote-security-research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/Détails (G)CVE
👇
https://cve.circl.lu/vuln/CVE-2025-54236 -
⚠️ "Six semaines après le correctif d’urgence d’Adobe pour #SessionReaper (CVE-2025-54236), la vulnérabilité est entrée dans une phase d’exploitation active."
➡️ Selon Sansec Seuls 38 % des sites #Magento sont à jour — 3 sur 5 restent vulnérables à une exécution de code à distance
Détails techniques et timeline complète sur le blog de Sansec.
👇
https://sansec.io/research/sessionreaper-exploitationArticle FR
👇
https://infosec.pub/post/36573308Analyse technique / dff du patch
👇
https://slcyber.io/assetnote-security-research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/Détails (G)CVE
👇
https://cve.circl.lu/vuln/CVE-2025-54236 -
⚠️ "Six semaines après le correctif d’urgence d’Adobe pour #SessionReaper (CVE-2025-54236), la vulnérabilité est entrée dans une phase d’exploitation active."
➡️ Selon Sansec Seuls 38 % des sites #Magento sont à jour — 3 sur 5 restent vulnérables à une exécution de code à distance
Détails techniques et timeline complète sur le blog de Sansec.
👇
https://sansec.io/research/sessionreaper-exploitationArticle FR
👇
https://infosec.pub/post/36573308Analyse technique / dff du patch
👇
https://slcyber.io/assetnote-security-research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/Détails (G)CVE
👇
https://cve.circl.lu/vuln/CVE-2025-54236 -
⚠️ "Six semaines après le correctif d’urgence d’Adobe pour #SessionReaper (CVE-2025-54236), la vulnérabilité est entrée dans une phase d’exploitation active."
➡️ Selon Sansec Seuls 38 % des sites #Magento sont à jour — 3 sur 5 restent vulnérables à une exécution de code à distance
Détails techniques et timeline complète sur le blog de Sansec.
👇
https://sansec.io/research/sessionreaper-exploitationArticle FR
👇
https://infosec.pub/post/36573308Analyse technique / dff du patch
👇
https://slcyber.io/assetnote-security-research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/Détails (G)CVE
👇
https://cve.circl.lu/vuln/CVE-2025-54236 -
A dangerous flaw in Adobe Commerce lets hackers hijack customer sessions with zero effort—and 60% of Magento stores are still unpatched. Is your business vulnerable?
#sessionreaper
#adobecommerce
#magento
#cve202554236
#ecommercesecurity -
A dangerous flaw in Adobe Commerce lets hackers hijack customer sessions with zero effort—and 60% of Magento stores are still unpatched. Is your business vulnerable?
#sessionreaper
#adobecommerce
#magento
#cve202554236
#ecommercesecurity -
A dangerous flaw in Adobe Commerce lets hackers hijack customer sessions with zero effort—and 60% of Magento stores are still unpatched. Is your business vulnerable?
#sessionreaper
#adobecommerce
#magento
#cve202554236
#ecommercesecurity -
A dangerous flaw in Adobe Commerce lets hackers hijack customer sessions with zero effort—and 60% of Magento stores are still unpatched. Is your business vulnerable?
#sessionreaper
#adobecommerce
#magento
#cve202554236
#ecommercesecurity -
A dangerous flaw in Adobe Commerce lets hackers hijack customer sessions with zero effort—and 60% of Magento stores are still unpatched. Is your business vulnerable?
#sessionreaper
#adobecommerce
#magento
#cve202554236
#ecommercesecurity -
Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts – Source: securityaffairs.com https://ciso2ciso.com/critical-flaw-sessionreaper-in-commerce-and-magento-platforms-lets-attackers-hijack-customer-accounts-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #CVE-2025-54236 #SessionReaper #BreakingNews
-
🚨 Critical Magento & Adobe Commerce Flaw (CVE-2025-54236 – SessionReaper) 🚨
Impact: Customer account takeover + unauthenticated remote code execution (CVSS 9.1 Critical).
👉 Full details and action steps: https://hostvix.com/sessionreaper-critical-magento-adobe-commerce-vulnerability-cve-2025-54236/
#Magento #AdobeCommerce #SessionReaper #CVE202554236 #CVE #Infosec #CyberSecurity #AppSec #WebSecurity #SecOps #BlueTeam #RedTeam #ThreatIntel #Vulnerability #PatchNow #ZeroDay #Exploit #EcommerceSecurity #DataSecurity #SecurityUpdate
-
🚨 Critical Magento & Adobe Commerce Flaw (CVE-2025-54236 – SessionReaper) 🚨
Impact: Customer account takeover + unauthenticated remote code execution (CVSS 9.1 Critical).
👉 Full details and action steps: https://hostvix.com/sessionreaper-critical-magento-adobe-commerce-vulnerability-cve-2025-54236/
#Magento #AdobeCommerce #SessionReaper #CVE202554236 #CVE #Infosec #CyberSecurity #AppSec #WebSecurity #SecOps #BlueTeam #RedTeam #ThreatIntel #Vulnerability #PatchNow #ZeroDay #Exploit #EcommerceSecurity #DataSecurity #SecurityUpdate
-
🚨 Critical Magento & Adobe Commerce Flaw (CVE-2025-54236 – SessionReaper) 🚨
Impact: Customer account takeover + unauthenticated remote code execution (CVSS 9.1 Critical).
👉 Full details and action steps: https://hostvix.com/sessionreaper-critical-magento-adobe-commerce-vulnerability-cve-2025-54236/
#Magento #AdobeCommerce #SessionReaper #CVE202554236 #CVE #Infosec #CyberSecurity #AppSec #WebSecurity #SecOps #BlueTeam #RedTeam #ThreatIntel #Vulnerability #PatchNow #ZeroDay #Exploit #EcommerceSecurity #DataSecurity #SecurityUpdate
-
🚨 Critical Magento & Adobe Commerce Flaw (CVE-2025-54236 – SessionReaper) 🚨
Impact: Customer account takeover + unauthenticated remote code execution (CVSS 9.1 Critical).
👉 Full details and action steps: https://hostvix.com/sessionreaper-critical-magento-adobe-commerce-vulnerability-cve-2025-54236/
#Magento #AdobeCommerce #SessionReaper #CVE202554236 #CVE #Infosec #CyberSecurity #AppSec #WebSecurity #SecOps #BlueTeam #RedTeam #ThreatIntel #Vulnerability #PatchNow #ZeroDay #Exploit #EcommerceSecurity #DataSecurity #SecurityUpdate
-
Adobe Issues Urgent Patch for ‘SessionReaper’ Vulnerability in Commerce and Magento https://thecyberexpress.com/adobe-commerce-flaw-cve-2025-54236/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #AdobeCommerce #SessionReaper #CVE202554236 #CyberNews #Magento
-
Adobe Issues Urgent Patch for ‘SessionReaper’ Vulnerability in Commerce and Magento https://thecyberexpress.com/adobe-commerce-flaw-cve-2025-54236/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #AdobeCommerce #SessionReaper #CVE202554236 #CyberNews #Magento
-
Adobe Issues Urgent Patch for ‘SessionReaper’ Vulnerability in Commerce and Magento https://thecyberexpress.com/adobe-commerce-flaw-cve-2025-54236/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #AdobeCommerce #SessionReaper #CVE202554236 #CyberNews #Magento
-
Adobe Issues Urgent Patch for ‘SessionReaper’ Vulnerability in Commerce and Magento https://thecyberexpress.com/adobe-commerce-flaw-cve-2025-54236/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #AdobeCommerce #SessionReaper #CVE202554236 #CyberNews #Magento
-
Adobe Commerce is under threat—a new flaw, SessionReaper, lets hackers hijack live sessions like an open front door. Learn why immediate patching is crucial to keep your eCommerce safe.
#sessionreaper
#adobecommerce
#magento
#cybersecurity
#vulnerability -
Should you find yourself in the unfortunate position of running (or being otherwise responsible for) a Magento / Adobe Commerce platform...you may wanna update _today_
https://sansec.io/research/sessionreaper
TL;DR CVE-2025-54236: possible unauthenticated RCE and customer account takeover
-
SessionReaper Vulnerability Puts Magento & Adobe Commerce Sites in Hacker Crosshairs https://gbhackers.com/sessionreaper-vulnerability/ #CyberSecurityNews #cybersecurity #Vulnerability #SessionReaper