ThinkPHP vulnerability -actively exploited. All it takes is a single line of code to scan and then exploited with attacks involving simple cut-and-paste code that is widely available.

ThinkPHP is popular in Asia-Pacific region however, the researcher says that attackers are actively scanning systems across the globe, including Europe and the US. "I'm seeing about 600 scans a day for it," he explains. "They're scanning across all verticals, software companies, car rentals, and others."

https://www.darkreading.com/vulnerabilities-and-threats/new-attacks-target-recent-php-framework-vulnerability/d/d-id/1333676