Persistent backdoors injected on Adobe Commerce via new CosmicSting attack

CosmicSting (CVE-2024-34102) allows arbitrary file reading on unpatched systems. When combined with CNEXT (CVE-2024-2961), threat actors can escalate to remote code execution, taking over the entir…

Read Full Article on Sansec.io →