Dark Reading

TellYouThePass Ransomware Group Exploits Critical PHP Flaw

A threat group is exploiting a critical, easily exploitable PHP bug for remote code execution (RCE) in living-off-the-land style ransomware attacks that target businesses and individuals running both ...
Bleeping Computer

TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers

The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target ...
Ars Technica

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said. As of Thursday, ...