php
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. Chinese security firm QAX’s XLab discovered the new PHP malware in late April 2024, but evidence of its deployment, along with other files, dates back to […]
Hackers use PHP exploit to backdoor Windows systems with new malware
Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university’s Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). CVE-2024-4577 is a critical PHP-CGI argument injection flaw patched in June that impacts PHP installations running on Windows systems with PHP running in CGI mode. It allows unauthenticated attackers […]
PHP bug executes RCEs, cryptominers and DDoS attacks
Not long after a new PHP bug was disclosed in the late spring, Akamai researchers observed numerous attempts to exploit the vulnerability, which they said indicates high exploitability and quick adoption by threat actors. Because PHP is one of the most popular server-side scripting languages used to create dynamic web pages on more than 75% […]