🚨 New Adobe Commerce / Magento releases are rolling out (APSB25-94).

Expected versions:
- 2.4.8-p3
- 2.4.7-p8
- 2.4.6-p13
- 2.4.5-p15 (extended support only)
- 2.4.4-p16 (extended support only)

Key fixes include:
- SessionReaper (CVE-2025-54236) now patched in official security releases
- Multiple backend XSS fixes, likely tied to inline translations
- Privilege escalation fix when saving admin roles
- Updated ACL resource for backend order creation sidebar
- Improved error handling, cleanup, and validation for SRI (subresource integrity) hashes
- Improvements to the LoginAsCustomer module

This release also introduces several non-security updates:
- TinyMCE has been replaced with HugeRTE
- Added Apache ActiveMQ support via the STOMP protocol

If you’re using Sansec Shield, you're already protected and can upgrade at your convenience. Otherwise, apply the patch as soon as possible. We will update this post as we learn more.
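The post lists a different minimum patch level for each 2.4.x branch, so checking a store against it means mapping the installed version to its branch first. The script below is an added example (not Sansec's or Adobe's code) that does exactly that for the expected versions named above; it assumes that list is the final one for APSB25-94 and that the version string being checked looks like `2.4.7-p8` or the raw output of `bin/magento --version` (for example `Magento CLI 2.4.7-p3`). Sample inputs are constructed.

```python
import re

# Minimum patch level per 2.4.x branch, taken from the expected versions in the
# APSB25-94 post above. Key: (major, minor, release); value: the "-pN" that carries the fix.
PATCHED_MIN = {
    (2, 4, 8): 3,
    (2, 4, 7): 8,
    (2, 4, 6): 13,
    (2, 4, 5): 15,   # extended support only
    (2, 4, 4): 16,   # extended support only
}

# Matches "2.4.7-p8" or a bare "2.4.7" (no patch release applied) anywhere in the
# string, so raw `bin/magento --version` output ("Magento CLI 2.4.7-p3") also works.
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)(?:-p(\d+))?\b")


def parse_version(text):
    """Return ((major, minor, release), patch_level) for a Magento version string."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no Magento version found in {text!r}")
    major, minor, release, patch = m.groups()
    return (int(major), int(minor), int(release)), int(patch or 0)


def _label(branch, patch_level):
    base = ".".join(map(str, branch))
    return f"{base}-p{patch_level}" if patch_level else base


def is_patched(text):
    """Decide whether a version is at or above the APSB25-94 level for its branch.

    Returns (status, reason): True = patched, False = needs the security release,
    None = branch not in the APSB25-94 list, so this table cannot decide and the
    branch has to be checked against Adobe's own release notes.
    """
    branch, patch_level = parse_version(text)
    required = PATCHED_MIN.get(branch)
    if required is None:
        return None, f"{_label(branch, 0)} is not in the APSB25-94 release list"
    if patch_level >= required:
        return True, f"{_label(branch, patch_level)} is at or above the fixed level -p{required}"
    return False, (f"{_label(branch, patch_level)} is below the fixed level; "
                   f"upgrade to {_label(branch, required)}")


if __name__ == "__main__":
    # Constructed sample inputs, including one in `bin/magento --version` style.
    for sample in ["Magento CLI 2.4.7-p3", "2.4.8-p3", "2.4.6", "2.4.5-p15", "2.4.3-p3"]:
        print(f"{sample!r:28} -> {is_patched(sample)}")
```

A `None` result is deliberate: a branch missing from the list (older, or newer than the post covers) should be looked up rather than silently reported as safe.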
Sansec - experts in eCommerce security
Technology, Information and Internet
Utrecht, Utrecht 2,179 followers
Never get hacked again! Sansec protects thousands of online stores against emerging attacks.
About us
Sansec: experts in eCommerce security. We protect thousands of online stores against the latest attacks so that merchants can focus on their business. Our breaking research in cybercrime is regularly featured in the media. Sansec technology is used by global brands, forensic investigators, and law enforcement. We are (the only) Adobe security partner. Sansec trains national cyber crime teams on digital skimming forensics.
- Website: https://sansec.io/
- Industry: Technology, Information and Internet
- Company size: 2-10 employees
- Headquarters: Utrecht, Utrecht
- Type: Privately Held
- Founded: 2015
- Specialties: security, magecart, magento, adobe commerce, malware, and ecommerce
Locations
- Primary: Europalaan 20, Utrecht, Utrecht 3526KS, NL
Updates
Running Shopware? We just finished forensics on a Shopware 6 store that had malware injected in a yet-unknown location: the theme db table. Our team took a full 30 minutes to release a new eComscan (v1.7.33) that supports detection of this attack 🥳 #ReleaseFriday #AwesomeColleagues
Sansec - experts in eCommerce security reposted this
I always loved the work of the Sansec - experts in eCommerce security guys, but their live "hacks" monitoring tool is one of the most beautiful and equally scary things I have ever seen: https://sansec.io/live By watching it (or by monitoring any firewall) you might wonder, as I do, why governments in the EU (let's say the Netherlands, just because) and the US do so little to prevent the rental/usage of servers (in our own backyards) to launch attacks against our own companies... 🤔
Sansec - experts in eCommerce security reposted this
T-MINUS 3 DAYS until MageTitans Groningen 2025!
📅 September 26 | 📍 Groningen, Netherlands

Forget pumpkin spice cause this week, the only thing heating up faster than your autumn latte is the MageTitans agenda. And trust us… it’s SPICY. 🌶️

💻 Who’s grabbing the mic? Glad you asked 👇
- Peter Jaap Blaakmeer – kicking things off with some dev wisdom
- Jordy Scholing – DevTools performance debugging, untangled
- David Lambauer – AI meets community: rewriting Magento docs the smart way
- Michiel Gerritsen – Building the ideal Magento shop (without losing your mind)
- Ivan Chepurnyi – Caching costs? Chill, he’s got you covered
- Sean van Zuidam – ⚡ Design Tokens and Figma: make it pretty, make it smart
- Leoni Sambell-Tielrooy – ⚡ Devs + E-com managers = ❤️ (or at least peaceful co-existence)
- Jeroen Boersma – CSP, side effects may include security and happiness
- Ksenia Zvereva – “Why am I so busy?” – relatable content incoming
- Mitchell de Roode – Playwright your tests like a pro
- Marek Kubacak – ⚡ Changing the Magento narrative (from frustration to fit)
- Andreas von Studnitz – ⚡ One year at Hyvä: a journey worth hearing

🎉 Still not convinced? There’s coffee, code, conversations… AND an afterparty 💜 Need more? We got you a hackathon too!
🎟️ Last Minute tickets are still up for grabs but not for long!

Big hugs to our sponsors – without you, we’d just be yelling at empty code editors:
💎 Headline: Mollie
🥇 Gold: Hyvä, Hypernode
🥉 Bronze: Sansec - experts in eCommerce security, Vendic, GitLabHost, Loki Checkout
🍸 Afterparty fuel: RUMvision - Core Web Vitals monitoring (BIG hugs from Aleksandra „Ola” Czapiewska, née Kijewska)
🛠️ Hackathon energy: MultiSafepay, Savvii Managed Hosting
🚀 Organized by the legendary: elgentos commerce & configuratorss

🧡 Come for the code, stay for the chaos (and community). See you in Groningen!
#MageTitans #MagentoCommunity #MageTitansGroningen #OpenSourceDev #HyvaLife #DevHumor #StillCodingStillStanding
A disaster in slow motion & a race against the clock. What shall we do? It’s 10 days since a patch for the SessionReaper attack was released and we published a warning to take immediate action. So far, just 1 in 3 stores has been patched, while criminals offer thousands of $$$ for working exploit code and are preparing mass attack infrastructure. Last summer, Adobe released a fix for the similar CosmicSting attack, but at the lowest priority. We urged merchants across the globe via mail, blogs, and LinkedIn to patch IMMEDIATELY, but still 20,000+ stores got hacked. And now we are in the exact same situation. If you read this, take action and install the emergency patch. If you cannot, then use a specialised WAF to deflect the first attack waves. NB: Adobe Commerce Cloud WAF does not protect against all SessionReaper attacks.
Not everybody was able to patch immediately 😬 so we're offering instant protection with our Magento 2 WAF one month free of charge with coupon SESSIONREAPER
Alert: emergency patch out NOW for Adobe Commerce & Magento. Adobe just released a patch outside of their regular schedule. It fixes CVE-2025-54236, also known as SessionReaper, which allows remote code execution for stores with file based sessions and possibly others. If you are using Sansec Shield, you are already protected and can upgrade at a convenient time. If not, you should implement the patch ASAP. In previous cases, mass hacks started within days or even hours of publication. We have not observed active abuse yet but will update this post when we do.
Sansec - experts in eCommerce security reposted this
🚨 It's a patch day 🚨 Thank you Sansec - experts in eCommerce security for making sure our online businesses are secured! Protect your Magento Open Source stores! It's a patch day! https://lnkd.in/diErGcvZ