Imperva has honeypots up and running that detect web servers being attacked with this exploit. From the intelligence gathered, the provider of enterprise security publishes the technical background and analysis of the vulnerability and exploitation techniques, Samples of the attack vectors captured in the wild, industrialized cybercrime aspects of this vulnerability and mitigation techniques.
Read Imperva’s Threat Advisory here – http://blog.imperva.com/2014/03/threat-advisory-php-cgi-at-your-command.html