Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines," Cisco Talos researcher Chetan Raghuprasad said in a technical
![]()
source https://thehackernews.com/2025/03/php-cgi-rce-flaw-exploited-in-attacks.html
source https://thehackernews.com/2025/03/php-cgi-rce-flaw-exploited-in-attacks.html