ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Behind the Google shopping ad masks. "
Episode Synopsis
Maxim Zavodchik from Akamai joins Dave to discuss their research on "Xurum: New Magento Campaign Discovered." Akamai researchers have discovered an ongoing server-side template injection campaign that is exploiting digital commerce websites. This campaign targets Magento 2 shops, and was dubbed Xurum in reference to the domain name of the attacker’s command and control (C2) server.
The research states "The attacker uses an advanced web shell named “wso-ng” that is activated only when the attacker sends the cookie “magemojo000” to the backdoor “GoogleShoppingAds” component."
The research can be found here:
Xurum: New Magento Campaign Discovered
Learn more about your ad choices. Visit megaphone.fm/adchoices
The research states "The attacker uses an advanced web shell named “wso-ng” that is activated only when the attacker sends the cookie “magemojo000” to the backdoor “GoogleShoppingAds” component."
The research can be found here:
Xurum: New Magento Campaign Discovered
Learn more about your ad choices. Visit megaphone.fm/adchoices
More episodes of the podcast Research Saturday
Don’t trust that app!
03/01/2026
Excel-lerating cyberattacks.
27/12/2025
The lies that let AI run amok.
20/12/2025
Root access to the great firewall.
13/12/2025
When macOS gets frostbite.
06/12/2025
A new stealer hiding behind AI hype.
29/11/2025
Two RMMs walk into a phish…
22/11/2025
When clicks turn criminal.
15/11/2025
A fine pearl gone rusty.
08/11/2025
Attack of the automated ops.
01/11/2025
In God we trust