Friday, February 14, 2025
CISA Exploit ListCybersecurity

Thousands of Adobe Commerce E-stores Hacked by Exploiting the ‘CosmicSting’ Bug

Justin Erickson

by Justin Erickson

A recent cyberattack, dubbed “CosmicSting,” has compromised over 4,000 unpatched Adobe Commerce and Magento online stores. The attackers exploited security vulnerabilities to steal sensitive customer data, including payment information. This breach affects approximately 5% of all stores using these platforms. Users of Adobe Commerce and Magento are urged to apply security patches immediately to prevent further attacks and secure their systems.

This vulnerability is listed as CVE-2024-34102, and has been used in conjunction with CVE-2024-2961.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)

securityaffairs
Cybernews
Bleeping Computer
CVE-2024-34102
CVE-2024-2961