Adobe Magneto: una pericolosa minaccia RCE per i siti di e-commerce

Gli specialisti di Sicurezza Informatica hanno avvertito che gli #hacker stanno già sfruttando una nuova #vulnerabilità in #Magento (CVE-2024-20720) e l'utilizzatore per implementare una #backdoor persistente sui siti di e-commerce.

#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity

https://www.redhotcyber.com/post/adobe-magneto-una-pericolosa-rce-minaccia-i-siti-di-e-commerce/

Adobe Magneto: una pericolosa RCE minaccia i siti di e-commerce

Una pericolosa falla di sicurezza consente agli utenti malintenzionati di eseguire codice remoto sui siti web Adobe Magneto.

^{Redazione RHC (Red Hot Cyber)}

Three years ago, #FDroid had a similar kind of attempt as the #xz #backdoor. A new contributor submitted a merge request to improve the search, which was oft requested but the maintainers hadn't found time to work on. There was also pressure from other random accounts to merge it. In the end, it became clear that it added a #SQLinjection #vuln. In this case, we managed to catch it before it was merged. Since similar tactics were used, I think its relevant now

https://gitlab.com/fdroid/fdroidclient/-/merge_requests/889

Search improvements: Sort based on keyword matching and removed alphabetic sort (!889) · Merge requests · F-Droid / Client · GitLab

The search results are pretty unusable currently. So I've changed it to show apps in this order: App name matches keyword, summary matches keyword, description matches keyword. Also,...

^GitLab