News

Bleeping Computer4y
PHP's Git server hacked to add backdoors to PHP source code
PHP official code base migrated to GitHub. As a precaution following this incident, PHP maintainers have decided to migrate the official PHP source code repository to GitHub.
Cryptopolitan4d
Cryptojacking hits markets, Monero miner malware targets 3,500+ sites
Researchers report that over 3,500 websites have been compromised by stealthy JavaScript malware mining Monero without user ...
Ars Technica4y
Hackers backdoor PHP source code after breaching internal git server
PHP.net hacked, code backdoored. The commits were made to the php-src repo under the account names of two well-known PHP developers, Rasmus Lerdorf and Nikita Popov.
Ars Technica1y
Nasty bug with very simple exploit hits PHP just in time for the ...
With PoC code available and active Internet scans, ... Exploits allow attackers to bypass CVE-2012-1823, a critical code execution vulnerability patched in PHP in 2012.
ZDNet3y
FBI: Hackers used malicious PHP code to grab credit card data
The Federal Bureau of Investigations (FBI) is warning that someone is scraping credit card data from the checkout pages of US businesses' websites. "As of January 2022, unidentified cyber actors ...
Threat Post5y
PHP Bug Allows Remote Code-Execution on NGINX Servers
A buffer underflow bug in PHP could allow remote code-execution (RCE) on targeted NGINX servers. First discovered during a hCorem Capture the Flag competition in September, the bug (CVE-2019-11043 ...
ZDNet5y
Nasty PHP7 remote code execution bug exploited in the wild
One such case is web hosting provider Nextcloud, who issued a security advisory to its clients on Thursday, October 24, urging customers to update PHP to the latest release, versions 7.3.11 and 7. ...