PHP 8.5 focusses on readability, debugging features and more security

Release Candidate 1 for PHP 8.5 is now available. The Release Manager confirms the scheduled development status and the ...
Bleeping Computer

PHP fixes critical RCE flaw impacting all versions for Windows

A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide. PHP is a ...
Ars Technica

Nasty bug with very simple exploit hits PHP just in time for the weekend

A critical vulnerability in the PHP programming language can be trivially exploited to execute malicious code on Windows devices, security researchers warned as they urged those affected to take ...
heise online

Security updates: PHP 8.3.12 and 8.2.24 plug critical security leaks

Admins who were about to head off for the weekend should quickly get back to the administration PC: The PHP developers have released versions 8.3.12 and 8.2.24. These close security gaps, some of ...
Bleeping Computer

Critical PHP RCE vulnerability mass exploited in new attacks

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...
Ars Technica

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said. As of Thursday, ...