"Magecart Attackers Pioneer Persistent E-Commerce Backdoor"
"Magecart Attackers Pioneer Persistent E-Commerce Backdoor"
Magecart attackers are stashing persistent backdoors within e-commerce websites that can automatically push malware. According to Sansec researchers, the threat actors are exploiting a critical command injection vulnerability, tracked as CVE-2024-20720 with a CVSS score of 9.1, in the Adobe Magento e-commerce platform. It enables arbitrary code execution without user interaction.