Dark Reading

TellYouThePass Ransomware Group Exploits Critical PHP Flaw

A threat group is exploiting a critical, easily exploitable PHP bug for remote code execution (RCE) in living-off-the-land style ransomware attacks that target businesses and individuals running both ...
Bleeping Computer

Critical PHP RCE vulnerability mass exploited in new attacks

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...