cognitive cybersecurity intelligence

News and Analysis

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have exploited a vulnerability in PHP programming language that allows them to execute malicious code on web servers. Security firm Censys detected the flaw resulted in 1,000 servers infected by a ransomware strain called TellYouThePass, primarily in China. All infected files were given a .locked extension, with a ransom note demanding a $6,500 decryption key. The vulnerability, dubbed CVE-2024-4577, affects PHP when it runs in CGI mode. A security patch was issued on 6 June.

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Critical QNAP QVR Pro Flaw Could Let Remote Attackers Access Systems

Critical QNAP QVR Pro Flaw Could Let Remote Attackers Access Systems

QNAP has released an urgent security advisory regarding a critical vulnerability affecting its QVR Pro application, a widely deployed network video surveillance solution. Disclosed on

Redditor loses PC to "Batman Arkham Knight" malware – Sportskeeda Tech

Redditor loses PC to "Batman Arkham Knight" malware – Sportskeeda Tech

Redditor loses PC to “Batman Arkham Knight” malware Sportskeeda Tech

Booz Allen’s Vellox brings AI vs. AI defense to protect critical infrastructure and national security

Booz Allen’s Vellox brings AI vs. AI defense to protect critical infrastructure and national security

Booz Allen Hamilton’s new Vellox suite showcases how AI-native cyber defense can counter growing threats to U.S. national security and critical infrastructure. The company’s new

Building a Layered Security Stack: Identity, Network and Device Protection

Building a Layered Security Stack: Identity, Network and Device Protection

Build a layered security stack with identity network and device protection using MFA SSO VPN and endpoint tools to reduce cyber risks. The post Building