Magecart Hackers Now hide PHP-Based Backdoor In Website Favicons

Cybercrime groups are distributing malicious PHP web shells disguised as a favicon to maintain remote access to the compromised servers and inject JavaScript skimmers into online shopping platforms with an aim to steal financial information from their users.
“These web shells known as Smilodon or Megalodon are used to dynamically load JavaScript skimming code via server-side requests into online

Source:: The Hackers News