Ars Technica

Nasty bug with very simple exploit hits PHP just in time for the weekend

A critical vulnerability in the PHP programming language can be trivially exploited to execute malicious code on Windows devices, security researchers warned as they urged those affected to take ...
ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...
Bleeping Computer

Spam Botnet Tracked Down to Malicious PHP Script Found on 5,000 Hacked Sites

A malicious PHP script found on over 5,000 compromised websites has been fingered as the source of a large-scale spam campaign that has been silently redirecting users to web pages hosting diet and ...