UPDATE: CVE-2024-7399 exploitation activity against Samsung MagicINFO 9 Server instances has escalated since our 48-hour assessment. Threat actors are leveraging the arbitrary file write vulnerability to deploy persistent backdoors on affected digital signage infrastructure in retail and hospitality sectors. Patch deployment remains critically delayed across 73 percent of monitored enterprise endpoints.