Ars Technica

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said. As of Thursday, ...
Threat Post

New Exploits Arrive for Old PHP Vulnerability

New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework. Close to two years ago, ...
Infosecurity-magazine.com

Old Vulnerability at the Heart of Escalating PHP Botnet Attacks

The gambit, analyzed in a detailed customer threat advisory that Imperva shared with Infosecurity, allows an external attacker to set command line options for the PHP execution engine. Such command ...
Yahoo Finance

Critical PHP vulnerability under widespread cyberattack

CVE-2024-4577, a critical argument-injection vulnerability that affects PHP installations in Windows systems, has come under widespread exploitation in several countries such as the U.S. and United ...
Bleeping Computer

Critical PHP RCE vulnerability mass exploited in new attacks

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...