cognitive cybersecurity intelligence

News and Analysis

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have exploited a vulnerability in PHP programming language that allows them to execute malicious code on web servers. Security firm Censys detected the flaw resulted in 1,000 servers infected by a ransomware strain called TellYouThePass, primarily in China. All infected files were given a .locked extension, with a ransom note demanding a $6,500 decryption key. The vulnerability, dubbed CVE-2024-4577, affects PHP when it runs in CGI mode. A security patch was issued on 6 June.

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

News and Analysis

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Subscribe to newsletter

More Posts

ClickFix Attack Targets Devs with MacSync Malware via Fake Claude Tools – Hackread

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

Kubernetes CSI Driver for NFS Vulnerability Lets Attackers Delete or Modify NFS Server Directories

New Windows 11 25H2/24H2 Update Fixes Bluetooth Devices Visibility Issues

Products

Solutions

Healthcare cybersecurity

Healthcare Threat Intelligence

Use Cases

News and Analysis

Insights

Company