Tag: E commerce Websites

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
News

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

It has been discovered that malicious actors are using a serious weakness in Magento to introduce a persistent backdoor into e-commerce websites.According to Adobe, the attack makes use of CVE-2024-20720 (CVSS score: 9.1), a case of "improper neutralization of special elements" that may allow for arbitrary code execution. The company addressed it in security patches that were made available on February 13, 2024.According to Sansec, it found a deftly constructed layout template in the database that is automatically injected with malicious code to carry out arbitrary commands. According to the firm, to execute system commands, attackers combine the Magento layout parser with the beberlei/assert package, which is installed by default read more Hackers Exploit Magento Bug to Steal Payme...