What Security Teams Need to Know as PHP and IoT Exploits Surge  

Qualys TRU reports a surge in automated attacks that scan for and exploit known PHP, IoT, and cloud vulnerabilities and misconfigurations—leveraged by botnets like Mirai, Gafgyt, and Mozi—to gain remote code execution, harvest secrets, and expand botnet membership; the report details specific CVEs, example exploit payloads, commonly probed file paths and cloud-origin scanning infrastructure, and concludes with pragmatic mitigation guidance (patching, removing debug tools, protecting secrets, and hardening cloud exposure).