{"id":234067,"date":"2026-03-26T02:19:29","date_gmt":"2026-03-26T07:19:29","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/03\/polyshell-attacks-target-56-of-all-vulnerable-magento-stores"},"modified":"2026-03-26T02:19:29","modified_gmt":"2026-03-26T07:19:29","slug":"polyshell-attacks-target-56-of-all-vulnerable-magento-stores","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/03\/polyshell-attacks-target-56-of-all-vulnerable-magento-stores","title":{"rendered":"PolyShell attacks target 56% of all vulnerable Magento stores"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/polyshell-attacks-target-56-of-all-vulnerable-magento-stores2.jpg\"><\/a><\/p>\n<p>Attacks leveraging the \u2018PolyShell\u2019 vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores.<\/p>\n<p>According to eCommerce security company Sansec, hackers started exploiting the critical PolyShell issue en masse last week, just two days after <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-polyshell-flaw-allows-unauthenticated-rce-on-magento-e-stores\/\" target=\"_blank\" rel=\"nofollow noopener\">public disclosure<\/a>.<\/p>\n<p>\u201cMass exploitation of PolyShell started on March 19th, and Sansec has now found PolyShell attacks on 56.7% of all vulnerable stores,\u201d <a href=\"https:\/\/sansec.io\/research\/webrtc-skimmer\" target=\"_blank\" rel=\"nofollow noopener\">Sansec<\/a><a href=\"http:\/\/sansec.io\/research\/webrtc-skimmer\" target=\"_blank\" rel=\"nofollow noopener\"> says<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Attacks leveraging the \u2018PolyShell\u2019 vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. According to eCommerce security company Sansec, hackers started exploiting the critical PolyShell issue en masse last week, just two days after public disclosure. \u201cMass exploitation of PolyShell started on [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1492],"tags":[],"class_list":["post-234067","post","type-post","status-publish","format-standard","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/234067","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=234067"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/234067\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=234067"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=234067"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=234067"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}