"PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks"

A recently disclosed PHP security flaw has been used to deliver Remote Access Trojans (RATs), cryptocurrency miners, and Distributed Denial-of-Service (DDoS) botnets. The vulnerability, tracked as CVE-2024-4577, with a CVSS score of 9.8, enables an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. According to Akamai researchers, attackers can escape the command line and pass arguments to be interpreted directly by PHP, through the exploitation of the vulnerability. This article continues to discuss the exploitation of the recently disclosed PHP vulnerability.

THN reports "PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks"

Submitted by grigby1
 

Submitted by Gregory Rigby on