php group News Articles
Recent news articles refferecing the vendors vulnerabilities.
Multiple PHP Vulnerabilities Allow SQL Injection & DoS Attacks - Update Now
Critical security vulnerabilities have been discovered in PHP that could allow attackers to execute SQL injection attacks.
CybersecurityNewsCVE-2025-1219Critical PHP Vulnerability Let Hackers Bypass the Validation To Load Malicious Content
A critical vulnerability in PHP's libxml streams has been identified, potentially impacting web applications that rely on the DOM or SimpleXML extensions for HTTP requests.
The Hacker NewsCVE-2024-4577Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Hackers exploit PHP flaw (CVE-2024-4577) to deploy Quasar RAT and XMRig miners, with Taiwan hit hardest. Update PHP now to mitigate risks.
Critical 9.8 PHP flaw exploited in US, Japan and Singapore
Security pros say exploitation of critical PHP flaw could lead to system compromise and ransomware attacks.
Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation.
Security AffairsCVE-2024-4577Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577
Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. Over 1,000 attacks detected globally.
Critical PHP Vulnerability Under Mass Exploitation
GreyNoise warns of mass exploitation of critical vulnerability (CVE-2024-4577) in PHP leading to remote code execution on vulnerable servers.
Critical PHP vulnerability under widespread cyberattack
Telemetry data shows spikes in exploits of CVE-2024-4577 across several countries in recent months.
The Hacker NewsCVE-2024-4577PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors
Hackers exploit CVE-2024-4577 to breach Japanese firms, leveraging Cobalt Strike, PowerShell, and advanced persistence techniques.
CybersecurityNewsCVE-2024-4577PHP Servers Vulnerability Exploited To Inject PacketCrypt Cryptocurrency Miner
A significant PHP server vulnerability identified as CVE-2024-4577 was exploited to inject PacketCrypt Classic Cryptocurrency Miner.
cyfirmaCVE-2024-4577PHP CGI Argument Injection (CVE-2024-4577)- Vulnerability Analysis and Exploitation - CYFIRMA
Published On : 2024-07-08 EXECUTIVE SUMMARY CVE-2024-4577 is a critical PHP CGI vulnerability that allows for argument injection leading to remote code execution. The vulnerability is particularly...
@SecurelistAnalyzing the vulnerability landscape in Q2 2024
The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q2 2024.
Hackers use PHP exploit to backdoor Windows systems with new malware
Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577).
高危!PHP CGI Windows平台远程代码执行漏洞风险通告
近日,亚信安全CERT监控到安全社区研究人员发布安全通告,披露了PHP CGI Windows平台存在远程代码执行漏洞(CVE-2024-4577)。该漏洞发生在PHP在Window平台运行且使用特定语系的情况下。攻击者可在无需登陆的情况下,构造恶意请求绕过CVE-2012-1823 的保护,执行任意PHP代码。
ITSec.RuCVE-2024-4577Недавно выявленная уязвимость в PHP стала мишенью сразу для нескольких групп
RCE-уязвимость CVE-2024-4577, оцененная в 9.8 баллов по шкале CVSS, позволяет атакующим удалённо выполнять вредоносные команды на системах Windows с китайской и японской локализацией.
Security AffairsCVE-2024-4577Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware
Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families.
Security AffairsCVE-2024-4577Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware
Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families.
CybersecurityNewsCVE-2024-4577Critical PHP Vulnerability CVE-2024-4577 Actively Exploited in the Wild
A critical vulnerability in PHP, tracked as CVE-2024-4577, is being actively exploited by threat actors just days after its public disclosure in June 2024.
CybersecurityNewsCVE-2024-4577Critical PHP Vulnerability CVE-2024-4577 Actively Exploited in the Wild
A critical vulnerability in PHP, tracked as CVE-2024-4577, is being actively exploited by threat actors just days after its public disclosure in June 2024.
The Hacker NewsCVE-2024-4577PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks
Critical PHP flaw CVE-2024-4577 exploited for remote access trojans, cryptominers, and DDoS botnets. Update PHP now.
watchTowr Labs - BlogCVE-2024-4577No Way, PHP Strikes Again! (CVE-2024-4577)
Orange Tsai tweeted a few hours ago about “One of [his] PHP vulnerabilities, which affects XAMPP by default”, and we were curious to say the least. XAMPP is a very popular way for administrators and developers to rapidly deploy Apache, PHP, and a bunch of other tools, and any bug
Help Net SecurityCVE-2024-4577PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) - Help Net Security
An command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang.
TellYouthePass Ransomware Group Exploits Critical PHP Flaw
An RCE vulnerability that affects the Web scripting language on Windows systems is easy to exploit and can provide a broad attack surface.