Magento flaw exploited to deploy persistent backdoor hidden in XML | allinfosecnews.com

April 5, 2024, 8:41 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Threat actors are exploiting critical Magento vulnerability CVE-2024-20720 to install a persistent backdoor on e-stores. Sansec researchers observed threat actors are exploiting the recently disclosed Magento vulnerability CVE-2024-20720 to deploy a persistent backdoor on e-stores. The vulnerability CVE-2024-20720 (CVSS score of 9.1) is an OS Command (‘OS Command Injection’) vulnerability that could lead to arbitrary code […]

backdoor breaking news command command injection critical cve cve-2024 cvss cvss score cyber crime cybercrime deploy exploited exploiting flaw hacking hidden information security news injection install it information security magento magento vulnerability malware os command persistent pierluigi paganini researchers sansec score stores threat threat actors vulnerability xml

More from securityaffairs.co / Security Affairs

Ticketmaster confirms data breach impacting 560 million customers 11 hours ago | securityaffairs.co

addresses administrator breach breachforums +22

Critical Apache Log4j2 flaw still threatens global finance 16 hours ago | securityaffairs.co

analyst apache apache log4j2 breaking news +31

Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin 17 hours ago | securityaffairs.co

bitcoin breaking news btc cryptocurrency +13

ShinyHunters is selling data of 30 million Santander customers 1 day, 10 hours ago | securityaffairs.co

actor bank breach breaking news +20

Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours 1 day, 18 hours ago | securityaffairs.co

72 hours black lotus botnet breaking news +23

LilacSquid APT targeted organizations in the U.S., Europe, and Asia since at least 2021 1 day, 20 hours ago | securityaffairs.co

apt apt group asia attacks +19

BBC disclosed a data breach impacting its Pension Scheme members 2 days, 1 hour ago | securityaffairs.co

access bbc breach breaking news +25

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited … 2 days, 12 hours ago | securityaffairs.co

agency breaking news catalog check +31

Experts found a macOS version of the sophisticated LightSpy spyware 2 days, 13 hours ago | securityaffairs.co

breaking news cyber crime cybercrime experts +20

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com