PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors

Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines," Cisco Talos researcher Chetan Raghuprasad said in a technical

Posted from: Click here for the full article.

留言

此網誌的熱門文章

What Is Attack Surface Management?

Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables