Ars Technica

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said. As of Thursday, ...
Threat Post

New Exploits Arrive for Old PHP Vulnerability

New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework. Close to two years ago, ...
Yahoo Finance

Critical PHP vulnerability under widespread cyberattack

CVE-2024-4577, a critical argument-injection vulnerability that affects PHP installations in Windows systems, has come under widespread exploitation in several countries such as the U.S. and United ...

Can We Trust AI To Write Vulnerability Checks? Here's what we found

Can AI speed up writing vulnerability checks without sacrificing quality? Intruder put it to the test. Their researchers found where AI helps, where it falls short, and why human oversight is still ...
Bleeping Computer

Critical PHP RCE vulnerability mass exploited in new attacks

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...