CVE-2025-54236 - Vulnerability Details

Threat entity extracted from intelligence sources

Frequency
6
occurrences
First Seen
October 28, 2025
Last Seen
January 30, 2026

CVE-2025-54236 is a vulnerability tracked across 7 threat clusters and 6 intelligence report mentions on ThreatCluster. First observed October 28, 2025; most recent activity January 30, 2026.

Related Threat Clusters

  • Magento Vulnerability Exploited in Attack on 200+ Websites

    In January 2026, attackers exploited a critical vulnerability in Magento, tracked as CVE-2025-54236, to hijack over 200 e-commerce websites. This severe authentication flaw allowed threat actors to gain complete control…

    2 articles · Updated January 30, 2026
  • UK Retail Cyber Attacks Show No Seasonal Spike Amid Holiday Concerns

    Analysis of cybersecurity incidents in the UK retail and manufacturing sectors reveals that 1,381 breaches occurred between Q3 2024 and Q2 2025, with no significant concentration around major shopping events. Security…

    61 articles · Updated November 28, 2025
  • Critical BIND 9 DNS Vulnerability Exploited with Public Code Release

    A public exploit for CVE-2025-40778, a critical vulnerability in BIND 9, has been released, enabling DNS cache poisoning and traffic redirection. This flaw affects the widely used Domain Name System software, posing…

    1 article · Updated November 2, 2025
  • BlueNoroff Launches New Campaigns Targeting Crypto Professionals

    North Korea-aligned threat actor BlueNoroff has initiated two new campaigns, GhostCall and GhostHire, targeting fintech executives and Web3 developers. These campaigns utilize social engineering tactics on platforms…

    4 articles · Updated October 29, 2025
  • Cyber Monday 2025: Surge in Online Scams Targeting Shoppers

    As Cyber Monday approaches, online shoppers are facing increased risks from cybercriminals exploiting the surge in digital purchases. Security experts warn of fraudulent websites, phishing emails, and insecure payment…

    7 articles · Updated November 21, 2025
  • Vulnerabilities Found in OpenAI's Atlas Browser Allow Malicious Code Injection

    Security researchers from LayerX have identified vulnerabilities in OpenAI's Atlas browser that enable attackers to inject malicious code into the browser's memory. This flaw allows for remote code execution and the…

    5 articles · Updated October 28, 2025
  • AI Misidentification Leads to Teen's Arrest Over Snack Bag

    A 16-year-old student in Baltimore, Maryland, was handcuffed by police after an AI system mistakenly identified a bag of Doritos as a firearm. This incident has prompted discussions regarding the reliability and ethics…

    2 articles · Updated October 29, 2025

Recent Intelligence Reports

  • Attackers Hijack 200+ Sites by Exploiting Magento Vulnerability — Cyberpress · January 30, 2026
  • eCommerce platforms face AI — Securitybrief.Au · November 26, 2025
  • Cybersecurity News Weekly Newsletter – EY Data Leak, Bind 9, Chrome Vulnerability, and ... — Cybersecuritynews · November 2, 2025
  • BlueNoroff Expands Cyberattacks with AI — Esecurityplanet · October 29, 2025
  • LayerX Exposes Critical Flaw in OpenAI’s ChatGPT Atlas Browser — Esecurityplanet · October 28, 2025
  • AI Misfire: Teen Handcuffed After AI Mistakes Doritos for Gun — Esecurityplanet · October 28, 2025

CVSS v3.1 Breakdown