PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors

Updated on March 7, 2025

Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025.
“The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,” Cisco Talos researcher Chetan Raghuprasad said in a technical…

Read the rest of the story at Read More

Source: The Hacker News

November 6, 2024 Uncategorized

INTERPOL Disrupts Over 22,000 Malicious ...

March 27, 2025 Uncategorized

CISA Warns of Sitecore RCE Flaws; Active...

January 4, 2024 Uncategorized

PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors

Related posts

INTERPOL Disrupts Over 22,000 Malicious ...

CISA Warns of Sitecore RCE Flaws; Active...

Beware: 3 Malicious PyPI Packages Found ...

Leave a Comment Cancel reply

Recent News

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support