PolyShell attacks target 56% of all vulnerable Magento stores Attackers began mass exploiting the PolyShell vulnerability in Magento Open Source and Adobe Commerce version 2 shortly after public disclosure, with Sansec reporting attacks on 56.7% of vulnerable stores. Some incidents deliver a novel WebRTC-based payment skimmer that exfiltrates card data over DTLS/UDP to bypass CSP and evade detection, while Adobe's fix remains only in the 2.4.9-beta1 release and Sansec has published IoCs and attacker IPs. #PolyShell #Magento

Mass exploitation of the PolyShell vulnerability targets 56.7% of Magento Open Source and Adobe Commerce 2.x stores via REST API file uploads. Adobe’s fix is in 2.4.9-beta1, Sansec provides IoCs and attacker IPs. #MagentoAttacks #PaymentSkimmer