Infiniroot Blog: We sometimes write, too.

Of course we cannot always share details about our work with customers, but nevertheless it is nice to show our technical achievements and share some of our implemented solutions.

Vulnerable Magento (Adobe Commerce) stores worldwide attacked through PolyShell and SessionReaper exploits

Published on March 26th 2026

Attacks on Magento (Adobe Commerce) against the SessionReaper and PolyShell vulnerabilities are on the rise.

More recent articles:

Vulnerable Magento (Adobe Commerce) stores worldwide attacked through PolyShell and SessionReaper exploits
Using functions in Service Apply rule to monitor Icinga 2 zones connectivity
How we used Knocknoc to reduce risk of exposure yet allow automated and secure SSH access for developers
Managed Invoice Ninja Servers updated to 5.12.7
Embedded Grafana visualization not loading in Icingaweb UI (Dashboard not found)
kube-proxy pod crash due to netfilter bug in Linux Kernel
Kubernetes IngressNightmare: How Rancher managed clusters are affected and how to mitigate the vulnerability
Infiniroot to sponsor upcoming DevOpsDays Zurich event in Winterthur
Managed Invoice Ninja Servers updated to 5.11.8
Log manipulation and alteration with Logstash mutate filter
2024 review and year end notes
Solving redirect loops and other problems after enabling Cloudflare
Infiniroot servers in new ISO 27001 certified data center
Hosted Znuny and Laravel server added to our managed server portfolio
Analyzing and fixing internal server error after updating Znuny LTS
Digital Signage: Open Source vs. Closed Source Solutions
Mautic 5 is finally available, but beware a minor update bug (to 5.0.1)
We look back to a successful 2023 and our plans for 2024
Managed Invoice Ninja Servers updated to 5.7.51
Quick mitigation for Atlassian Confluence vulnerability CVE-2023-22518 in Nginx Reverse Proxy
Kubernetes Ingress Controller Fake Certificate about to expire in Rancher Kubernetes cluster
Infiniroot celebrates 10 years
Troubleshooting bad server performance caused by hard drives with huge Load Cycle Count
Fully managed Invoice Ninja servers upgraded to Invoice Ninja v 5.5.70
(Performance) Comparison of different compression methods used in combination with mysqldump
How we migrated from ((OTRS)) Community Edition to Znuny LTS
E-mails are not sent anymore after upgrade to Invoice Ninja 5.5.x (Unable to connect with STARTTLS on localhost mailserver)
Altough datacenter costs increase, Infiniroot keeps prices for managed servers and services
Why Grafana panel shows wrong data from check_disk monitoring plugin (IEC vs. SI Byte calculation)
The last day of the old payment slips in Switzerland and an easy change to Swiss QR-Bill invoices
Enhanced Wordpress security (malicious login attempt detection) deployed on all Infiniroot managed LAMP servers
Wordpress (Japanese SEO) hack extracting and executing code from uploaded ZIP file
Dell OpenManage shows degraded storage backplane, but is it?
Cloudflare: How to show a maintenance page but continue traffic to origin server from whitelisted IPs
Cloudflare managed WAF rule blocks Confluence page edit close request (doeditpage.action)
check_rancher2 monitoring getting Authentication failed error on API Key with scope
Invoice Ninja v5: How to make the Account Management setting available to additional (admin) users
Nagios NRPE and the different payload (packet, buffer) sizes using cross-version communication
Nginx Ingress configuration gone after Rancher and Kubernetes update
How to monitor stale zones/domains on PowerDNS secondary (slave) servers
Technical analysis of Wordpress hack with PHP script lock360.php as running process
New vulnerability exploits lead to mass hack attacks on multiple Wordpress installations
Troubleshooting AWS EC2 instance with lost network connectivity (after upgrade to Ubuntu 20.04)
IP address filtering in Logstash: To cidr, or not to cidr?
How to fix a Rancher 2 cluster node stuck registering in downstream cluster (not shown in UI)
Varnish caching combined with HAProxy balancing in Kubernetes deployments (and tackling strange DNS issues)
Using Nginx and LUA script to mitigate against Log4Shell (CVE-2021-44228) vulnerability attacks
Cluster role issues after Kubernetes upgrade: error getting ClusterInformation: connection is unauthorized
Rancher managed Kubernetes (Docker) node unable to pull images after clean-up
Missing calico-node role in Rancher managed Kubernetes cluster after K8s upgrade with RKE

We use 🍪 cookies to ensure you get the best experience on our website. Learn more