The vulnerability, tracked as CVE-2024-4577, allows attackers to exploit PHP's Unicode conversion errors to execute malicious code on web servers through argument injection, bypassing a 2012 patch.
Exploits target PHP in CGI mode, potentially affecting systems that keep PHP executables in web-accessible directories, as XAMPP does, and require the Windows locale to be Chinese or Japanese.
Threat actors quickly leveraged CVE-2024-4577 after its June 6 publication to infect servers with TellYouThePass ransomware, demanding around $6,500 for decryption.
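
The two conditions named above (a PHP executable under a web-accessible directory, and a Chinese or Japanese Windows locale) can be checked on each host. The PowerShell below is an added example, not from the original page or from the PHP project; the `C:\xampp` default root and the function name `Get-PhpCgiExposure` are assumptions, and 936, 950 and 932 are the standard Windows ANSI code pages for those locales.

```powershell
# Added example (not from the original page): per-host exposure check.
param(
    # Assumption: directories the web server serves or maps as script aliases.
    [string[]]$WebRoots = @('C:\xampp')
)

# Standard Windows ANSI code pages for the locales the summary names.
$AffectedCodePages = @{
    936 = 'Simplified Chinese'
    950 = 'Traditional Chinese'
    932 = 'Japanese'
}

function Get-PhpCgiExposure {
    param(
        [string[]]$Roots,
        [int]$AnsiCodePage
    )
    # $null when the system code page is not one of the listed locales.
    $localeName = $AffectedCodePages[$AnsiCodePage]
    foreach ($root in $Roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        Get-ChildItem -LiteralPath $root -Recurse -File -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -in 'php.exe', 'php-cgi.exe' } |
            ForEach-Object {
                [pscustomobject]@{
                    Path           = $_.FullName
                    PhpVersion     = $_.VersionInfo.ProductVersion
                    AnsiCodePage   = $AnsiCodePage
                    Locale         = if ($localeName) { $localeName } else { 'not listed' }
                    BothConditions = [bool]$localeName
                }
            }
    }
}

# The system ANSI code page is stored as a string under this registry key.
$acp = [int](Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Nls\CodePage' -Name ACP).ACP
$findings = @(Get-PhpCgiExposure -Roots $WebRoots -AnsiCodePage $acp)
if ($findings.Count -eq 0) {
    "No PHP executables found under: $($WebRoots -join ', ')"
} else {
    $findings | Format-Table -AutoSize
}
```

Rows with `BothConditions` set to `True` are the hosts to prioritise for patching or for moving the PHP executable out of the served directory.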