<ul><li>Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102.</li><li>The flaw is an Improper Restriction of XML External Entity Reference (‘XXE’) vulnerability that could result in arbitrary code execution.</li><li>CosmicSting (CVE-2024-34102) is the most severe bug impacting Magento and Adobe Commerce stores in two years, with hacks occurring at a rate of 3 to 5 per hour.</li><li>Threat groups exploiting this vulnerability include Bobry, Polyovki, Surki, Burunduki, Ondatry, Khomyaki, and Belki.</li></ul>

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Discover more