Orange Tsai tweeted a few hours ago about “One of [his] PHP vulnerabilities, which affects XAMPP by default”, and we were curious to say the least. XAMPP is a very popular way for administrators and developers to rapidly deploy Apache, PHP, and a bunch of other tools, and any bug that could give us RCE in its default installation sounds pretty tantalizing. Fortunately, for defenders, the bug has o
![No Way, PHP Strikes Again! (CVE-2024-4577)](https://cdn-ak-scissors.b.st-hatena.com/image/square/4c62099b92062b5ee999d9fad058ae4b315c0637/height=288;version=1;width=512/https%3A%2F%2Flabs.watchtowr.com%2Fcontent%2Fimages%2Fsize%2Fw1200%2F2024%2F06%2Fnoway.png)