The window keeps closing down. Multiple hacking groups began exploiting a critical PHP bug just one day after it was announced. The bug is tracked as CVE-2024-4577.
The bug affects PHP installations running in CGI mode, particularly on Windows and systems that use Chinese or Japanese locales.
While it started focused on Windows and Chinese/Japanese locales, assume the attack surface will expand. If it hasn’t already.
PHP 8.3.9 is the latest production version and 8.4 is in early release.
PHP is used in a large percentage of websites with products like WordPress based on it. But, it is also used in many other non-Wordpress websites.
akamai has identified at least four different malware campaigns exploiting the bug.
Details at Data Breach Today