Over 250 attacks have been reported in just 24 hours targeting Adobe Commerce and Magento due to a critical flaw tracked as CVE-2025-54236. This vulnerability allows for customer account takeovers via the REST API, with only 38% of stores currently patched.