---

PHP RCE flaw actively exploited to pop NGINX servers

A recently patched vulnerability (CVE-2019-11043) in PHP is being actively exploited by attackers to compromise NGINX web servers, threat intelligence firm Bad Packets has confirmed.