php group News Articles
Recent news articles refferecing the vendors vulnerabilities.
CybersecurityNewsCVE-2025-1219Critical PHP Vulnerability Let Hackers Bypass the Validation To Load Malicious Content
A critical vulnerability in PHP's libxml streams has been identified, potentially impacting web applications that rely on the DOM or SimpleXML extensions for HTTP requests.
The Hacker NewsCVE-2024-4577Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Hackers exploit PHP flaw (CVE-2024-4577) to deploy Quasar RAT and XMRig miners, with Taiwan hit hardest. Update PHP now to mitigate risks.
Critical 9.8 PHP flaw exploited in US, Japan and Singapore
Security pros say exploitation of critical PHP flaw could lead to system compromise and ransomware attacks.
Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation.
Security AffairsCVE-2024-4577Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577
Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. Over 1,000 attacks detected globally.
Critical PHP vulnerability under widespread cyberattack
Telemetry data shows spikes in exploits of CVE-2024-4577 across several countries in recent months.
Critical PHP Vulnerability Under Mass Exploitation
GreyNoise warns of mass exploitation of critical vulnerability (CVE-2024-4577) in PHP leading to remote code execution on vulnerable servers.
The Hacker NewsCVE-2024-4577PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors
Hackers exploit CVE-2024-4577 to breach Japanese firms, leveraging Cobalt Strike, PowerShell, and advanced persistence techniques.
CybersecurityNewsCVE-2024-4577PHP Servers Vulnerability Exploited To Inject PacketCrypt Cryptocurrency Miner
A significant PHP server vulnerability identified as CVE-2024-4577 was exploited to inject PacketCrypt Classic Cryptocurrency Miner.
cyfirmaCVE-2024-4577PHP CGI Argument Injection (CVE-2024-4577)- Vulnerability Analysis and Exploitation - CYFIRMA
Published On : 2024-07-08 EXECUTIVE SUMMARY CVE-2024-4577 is a critical PHP CGI vulnerability that allows for argument injection leading to remote code execution. The vulnerability is particularly...
@SecurelistAnalyzing the vulnerability landscape in Q2 2024
The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q2 2024.
Hackers use PHP exploit to backdoor Windows systems with new malware
Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577).
高危!PHP CGI Windows平台远程代码执行漏洞风险通告
近日,亚信安全CERT监控到安全社区研究人员发布安全通告,披露了PHP CGI Windows平台存在远程代码执行漏洞(CVE-2024-4577)。该漏洞发生在PHP在Window平台运行且使用特定语系的情况下。攻击者可在无需登陆的情况下,构造恶意请求绕过CVE-2012-1823 的保护,执行任意PHP代码。
ITSec.RuCVE-2024-4577Недавно выявленная уязвимость в PHP стала мишенью сразу для нескольких групп
RCE-уязвимость CVE-2024-4577, оцененная в 9.8 баллов по шкале CVSS, позволяет атакующим удалённо выполнять вредоносные команды на системах Windows с китайской и японской локализацией.
Security AffairsCVE-2024-4577Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware
Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families.
Security AffairsCVE-2024-4577Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware
Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families.
CybersecurityNewsCVE-2024-4577Critical PHP Vulnerability CVE-2024-4577 Actively Exploited in the Wild
A critical vulnerability in PHP, tracked as CVE-2024-4577, is being actively exploited by threat actors just days after its public disclosure in June 2024.
CybersecurityNewsCVE-2024-4577Critical PHP Vulnerability CVE-2024-4577 Actively Exploited in the Wild
A critical vulnerability in PHP, tracked as CVE-2024-4577, is being actively exploited by threat actors just days after its public disclosure in June 2024.
The Hacker NewsCVE-2024-4577PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks
Critical PHP flaw CVE-2024-4577 exploited for remote access trojans, cryptominers, and DDoS botnets. Update PHP now.
watchTowr Labs - BlogCVE-2024-4577No Way, PHP Strikes Again! (CVE-2024-4577)
Orange Tsai tweeted a few hours ago about “One of [his] PHP vulnerabilities, which affects XAMPP by default”, and we were curious to say the least. XAMPP is a very popular way for administrators and developers to rapidly deploy Apache, PHP, and a bunch of other tools, and any bug
Help Net SecurityCVE-2024-4577PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) - Help Net Security
An command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang.
TellYouthePass Ransomware Group Exploits Critical PHP Flaw
An RCE vulnerability that affects the Web scripting language on Windows systems is easy to exploit and can provide a broad attack surface.
Telegram MessengerThe Bug Bounty Hunter
The Bug Bounty Hunter Refining your HTTP perspective, with bambdashttps://portswigger.net/research/adjusting-your-http-perspective-with-bambdas PortSwigger Research Refining your HTTP perspective,...
TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers
The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems.
StormshieldCVE-2024-4577PHP-CGI Vulnerability in Windows Servers | CVE-2024-4577
Security Alert on the PHP-CGI service on Windows Servers and Stormshield Network Security protection against CVE-2024-4577.
BankInfoSecurityCVE-2024-4577Critical PHP Vulnerability Threatens Windows Servers
A critical remote code execution vulnerability in PHP for Windows, affecting all releases since version 5.x, requires immediate action from server administrators.
ImpervaCVE-2024-4577Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware | Imperva
CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware
CensysCVE-2024-4577June 10, 2024: PHP-CGI Argument Injection Vulnerability Could Lead to Remote Code Execution
Discover details about the critical CVE-2024-4577 vulnerability affecting PHP on Windows, which allows remote code execution. Get insights on the issue, impact, patch availability, and detection methods for this high-severity flaw.
wiz.ioCVE-2024-4577CVE-2024-4577 RCE in PHP CGI: Everything you need to know | Wiz Blog
Detect and mitigate CVE-2024-4577, a critical remote code execution vulnerability in PHP CGI. Organizations are advised to patch urgently.
PHP Patches Critical Remote Code Execution Vulnerability
PHP has released patches for CVE-2024-4577, a critical vulnerability that could lead to arbitrary code execution on remote servers.
Security AffairsCVE-2024-4577PHP addressed critical RCE potentially impacting millions of servers
A new PHP for Windows RCE flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide.
GovInfoSecurityCVE-2024-4577Critical PHP Vulnerability Threatens Windows Servers
A critical remote code execution vulnerability in PHP for Windows, affecting all releases since version 5.x, requires immediate action from server administrators.
PHP updates urged over critical vulnerability that could lead to RCE
Administrators are being advised to update their systems following the disclosure of a critical vulnerability in PHP.
The Hacker NewsCVE-2024-4577New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
New Critical PHP Vulnerability CVE-2024-4577 allows remote code execution on Windows.
Duo SecurityCVE-2024-4577Critical PHP Flaw CVE-2024-4577 Patched
A critical remote code execution bug (CVE-2024-4577) in all versions of PHP on Windows has been patched. The bug also affects all Windows versions of XAMPP.
Ars TechnicaCVE-2024-4577Nasty bug with very simple exploit hits PHP just in time for the weekend
With PoC code available and active Internet scans, speed is of the essence.
SecurityLab.ruCVE-2024-4577CVE-2024-4577: критическая RCE-уязвимость в PHP на Windows
Общедоступный эксплойт вносит свои коррективы в реагирование на уязвимость.
PHP修補CGI參數可被用於注入攻擊的弱點,若不處理攻擊者有可能發動遠端程式碼執行攻擊
臺灣資安業者戴夫寇爾針對他們向PHP通報的重大層級漏洞CVE-2024-4577提出警告,並指出所有Windows版本的PHP都存在相關漏洞,即使是執行舊版PHP的網站,管理員也應該進一步確認是否曝險,並採取相關緩解措施
SecNews.grCVE-2024-4577PHP: Διόρθωση ευπάθειας που επηρεάζει όλες τις εκδόσεις Windows
Μια νέα ευπάθεια στη γλώσσα PHP για Windows επιτρέπει απομακρυσμένη εκτέλεση κώδικα (RCE) και επηρεάζει όλες τις εκδόσεις από την έκδοση 5.x.
CyberDefence24CVE-2024-4577Krytyczna podatność w PHP. Setki tysięcy narażonych urządzeń
Krytyczna podatność w PHP pozwala na zdalne wykonanie kodu. Należy niezwłocznie wgrać stosowne poprawki.
PHP fixes critical RCE flaw impacting all versions for Windows
A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide.
Sicherheitspatch nachgebessert: Schadcode-Attacken auf PHP möglich
Angreifer können unter Windows den Schutz für eine PHP-Sicherheitslücke aus 2012 umgehen. Eigentlich sollte die Lücke längst geschlossen sein.
Critical PHP Vulnerabilities Let Attackers Inject Commands : Patch Now
Multiple vulnerabilities have been identified in PHP that are associated with Command Injection, Cookie Bypass, Account takeover and Denial
Linux SecurityMageia 2024-0132: php Security Advisory Updates | LinuxSecurity.com
Mageia 2024-0132: php Security Advisory Updates - MGASA-2024-0132Updated php packages fix security vulnerabilities Publication date: 13 Apr 2024 URL:
dailydarkweb.netCritical PHP Vulnerabilities Exposed: Urgent Updates Needed to Safeguard Against Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757) - Daily Dark Web
Critical PHP Vulnerabilities Exposed: Urgent Updates Needed to Safeguard Against Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757) Discover the latest security threats and database leaks, including unauthorized VPN access and email breaches, in the cyber un...
BNN BreakingEnhanced Security for Ubuntu Users: Key Updates Address Critical PHP Vulnerabilities
Explore the recent updates targeting critical vulnerabilities in PHP, enhancing digital security for Ubuntu users. Learn about CVE-2023-3823 and CVE-2023-3824, the impact of timely updates, and the broader implications for online security in today's interconnected world.