PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors
Cyber attackers are actively exploiting a vulnerability in PHP-CGI to compromise organizations across Japan’s technology, telecom, and e-commerce sectors. The campaign, ongoing since January 2025, uses the CVE-2024-4577 flaw to gain remote access to Windows systems, deploying post-exploitation tools to deepen infiltration.