Old Vulnerability at the Heart of Escalating PHP Botnet Attacks
Back in October 2013, a public exploit for the PHP server-side framework was disclosed, using a command injection vulnerability found in May 2012 and categorized as CVE-2012-1823. Now, it appears that cybercriminals are still using it, despite the vuln…