Ars Technica

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said. As of Thursday, ...
Ars Technica

PHP vulnerability allows attackers to run malicious code on Windows servers

99% of web servers using PHP are running linux, so "oh no...anyway." Most people running Windows web servers are doing it for .NET and not using PHP. Click to expand... At first I had the same ...
Bleeping Computer

Critical PHP RCE vulnerability mass exploited in new attacks

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...
CRN

Attacks Exploiting ‘Critical’ PHP Vulnerability Have Impacted US: Researcher

The remote code execution flaw affects Windows-based PHP installations, and was initially disclosed in June 2024. Exploitation of a critical-severity vulnerability affecting Windows-based PHP ...
Computerwoche Online

Core Impact puts a vise grip on vulnerabilities

But the real value of any commercial vulnerability scanner is how well the exploits are crafted. Taking nothing away from the incredible team members at Metasploit and Nessus, Core Security ...
Threat Post

New Exploits Arrive for Old PHP Vulnerability

New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework. Close to two years ago, ...