PC World

Hackers Abuse PHP Setting to Inject Malicious Code Into Websites

Attackers have begun to abuse a special PHP configuration directive in order to insert malicious code into websites hosted on dedicated and virtual private servers (VPS) that have been compromised.
ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...
InfoWorld

Hackers abuse PHP setting to inject malicious code into websites

Attackers have begun to abuse a special PHP configuration directive in order to insert malicious code into websites hosted on dedicated and VPS (virtual private servers) that have been compromised.