More than 4,200 Adobe Commerce and Magento online stores, including those belonging to Cisco, Whirlpool, Segway, Ray-Ban, and National Geographic, have been breached in attacks involving the critical CosmicSting information disclosure vulnerability, tracked as CVE-2024-34102, since June, BleepingComputer reports.
Intrusions leveraging CosmicSting have been launched by seven financially motivated threat operations — including Belki, Bobry, Burunduki, Khomyaki, Ondatry, and Surki — against almost 5% of all stores to facilitate Magento cryptographic key exfiltration and payment skimmer injections, according to a report from Sansec.
While Whirlpool, Segway, and Ray-Ban are believed to have remediated the issue, other organizations have been urged to immediately upgrade their Adobe Commerce and Magento implementations amid the threat of escalating exploitation.
"Sansec projects that more stores will get hacked in the coming months, as 75% of the Adobe Commerce & Magento install base hadn't patched when the automated scanning for secret encryption keys started," said the report.