Threat actors are constantly evolving their TTPs and developing new malicious tools to execute their activities.
Recently, Akamai researchers have noted a concerning trend of attackers exploiting known vulnerabilities, such as the years-old ThinkPHP RCE CVE-2018-20062 and CVE-2019-9082.
Initially detected in October 2023 with limited probes, a much larger campaign resurged in April 2024, exploiting these vulnerabilities to install remote shells.
https://cybersecuritynews.com/hackers-i ... -thinkphp/