Threat Post

Severe PHP Exploit Threatens WordPress Sites with Remote Code Execution

The issue impacts several content management systems, including Typo3 and WordPress, as well as widely-used PDF generation library TCPDF. Researchers have created a proof-of-concept exploit that would ...
Fast Company

Hackers put a back door in a code library that powers 79% of websites

On Sunday some malicious actors tried to install a back door into the PHP code library, a server-side programming language that powers 79% of sites on the internet, including Facebook and Wikipedia.
Threat Post

PHP Applications, WordPress Subject to Ghost glibc Vulnerability

Researchers at Sucuri revealed that applications such as WordPress that support PHP could also be subject to the Ghost vulnerability in glibc. Less than 48 hours after the disclosure of the Ghost ...
heise online

Ransomware: Unknown attackers leak LockBit database – thanks to PHP exploit?

"Don't be a criminal, crime is bad, hugs and kisses from Prague" – is how several of the darknet pages of the LockBit ransomware received visitors on May 7, 2025. Apparently, unknown persons had ...