APT / THREAT GROUP
PHP
1
aliases
Intelligence Profile
ransomware
Threat Analysis
PHP is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning PHP
Joomla, LiteSpeed Vulnerabilities Exploited in Attacks
SecurityWeek· Jun 17, 2026
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
The Hacker News· Jun 17, 2026
phpBB forum fixes auth bypass bug lurking for a decade
BleepingComputer· Jun 12, 2026
Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request
Infosecurity Magazine· Jun 9, 2026
Mirasvit Vulnerability Exploited to Execute Code on Magento Servers
SecurityWeek· Jun 4, 2026
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
The Hacker News· May 23, 2026
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
The Hacker News· May 19, 2026
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
The Hacker News· May 5, 2026
Quick Facts
TypeAPT / Threat Group
Aliases1
Also Known As
PHP
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.