Cybersecurity researchers at Symantec recently identified a new malware that exploits a PHP vulnerability(CVE-2024-4577) in the CGI argument injection flaw. This vulnerability affects all versions of PHP installed on the Windows operating system and eventually executes arbitrary code remotely.
A Taiwanese university has been targeted by a new type of backdoor, Backdoor.Msupedge, which uses a technique that is not commonly used but has already been reported in the past.
https://cybersecuritynews.com/hackers-e ... n-windows/