Security researchers at Bitdefender Labs have detected a significant surge in exploitation attempts targeting a critical PHP vulnerability that allows attackers to execute malicious code on Windows-based systems.

The vulnerability, tracked as CVE-2024-4577, has been actively exploited since June 2024, with attackers primarily deploying cryptocurrency miners and remote access tools on compromised servers.