Ars Technica

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said. As of Thursday, ...
Infosecurity-magazine.com

Old Vulnerability at the Heart of Escalating PHP Botnet Attacks

The gambit, analyzed in a detailed customer threat advisory that Imperva shared with Infosecurity, allows an external attacker to set command line options for the PHP execution engine. Such command ...
Bleeping Computer

Critical PHP RCE vulnerability mass exploited in new attacks

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...
CRN

Attacks Exploiting ‘Critical’ PHP Vulnerability Have Impacted US: Researcher

The remote code execution flaw affects Windows-based PHP installations, and was initially disclosed in June 2024. Exploitation of a critical-severity vulnerability affecting Windows-based PHP ...
Computerwoche Online

Core Impact puts a vise grip on vulnerabilities

But the real value of any commercial vulnerability scanner is how well the exploits are crafted. Taking nothing away from the incredible team members at Metasploit and Nessus, Core Security ...
CSOonline

PHP working on new patch for critical vulnerability after initial one failed

The PHP Group plans to release new versions of the PHP processor on Tuesday in order to patch two publicly known critical remote code execution vulnerabilities, one of which was improperly addressed ...