Ars Technica

PHP vulnerability allows attackers to run malicious code on Windows servers

99% of web servers using PHP are running linux, so "oh no...anyway." Most people running Windows web servers are doing it for .NET and not using PHP. Click to expand... At first I had the same ...
Bleeping Computer

TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers

The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target ...
InfoWorld

Facebook’s Hack programming language builds code safety into PHP

Facebook has released a programming language called Hack, which marries the ease of PHP with the rigorous safety controls of older languages such as C++. PHP programmers should easily understand Hack, ...
ZDNet

Nasty PHP7 remote code execution bug exploited in the wild

A recently patched security flaw in modern versions of the PHP programming language is being exploited in the wild to take over servers, ZDNet has learned from threat intelligence firm Bad Packets.
Bleeping Computer

WordPress fixes POP chain exposing websites to RCE attacks

WordPress has released version 6.4.2 that addresses a remote code execution (RCE) vulnerability that could be chained with another flaw to allow attackers run arbitrary PHP code on the target website.
PC World

Facebook speeds PHP by crafting a PHP virtual machine

Social networking giant Facebook has taken another step at making the PHP Web programming language run more quickly. The company has developed a PHP Virtual Machine that it says can execute the ...