Dark Reading

TellYouThePass Ransomware Group Exploits Critical PHP Flaw

A threat group is exploiting a critical, easily exploitable PHP bug for remote code execution (RCE) in living-off-the-land style ransomware attacks that target businesses and individuals running both ...
heise online

CISA warns: Critical PHP bug is being exploited by ransomware

The recently published and fixed critical PHP bug with the CVE identifier CVE-2024-4577 is being actively exploited. CISA warns of this by including it in its database of "known exploited ...