Ars Technica

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said. As of Thursday, ...
SiliconANGLE

Symantec warns of new sophisticated backdoor exploiting patched PHP vulnerability

A new report out today from Symantec, a division of Broadcom Inc., is warning of a new sophisticated backdoor threat that has been spotted in the wild targeting a university in Taiwan. Dubbed Backdoor ...
Threat Post

New Exploits Arrive for Old PHP Vulnerability

New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework. Close to two years ago, ...
Bleeping Computer

Critical PHP RCE vulnerability mass exploited in new attacks

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...
Ars Technica

Nasty bug with very simple exploit hits PHP just in time for the weekend

A critical vulnerability in the PHP programming language can be trivially exploited to execute malicious code on Windows devices, security researchers warned as they urged those affected to take ...
InfoWorld

Critical PHP vulnerability exposes servers to data theft — or worse

PHP Group releases updates to fix vulnerability that allows a remote attacker to easily pass command-line switches to servers through URLs A newly reported critical vulnerability in PHP enables ...
PC World

PHP Working on New Patch for Critical Vulnerability After Initial One Failed

The PHP Group plans to release new versions of the PHP processor on Tuesday in order to patch two publicly known critical remote code execution vulnerabilities, one of which was improperly addressed ...