cognitive cybersecurity intelligence

News and Analysis


Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Ransomware criminals have exploited a vulnerability in PHP programming language that allows them to execute malicious code on web servers. Security firm Censys detected the flaw resulted in 1,000 servers infected by a ransomware strain called TellYouThePass, primarily in China. All infected files were given a .locked extension, with a ransom note demanding a $6,500 decryption key. The vulnerability, dubbed CVE-2024-4577, affects PHP when it runs in CGI mode. A security patch was issued on 6 June.

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts