Fast Company

Hackers put a back door in a code library that powers 79% of websites

On Sunday some malicious actors tried to install a back door into the PHP code library, a server-side programming language that powers 79% of sites on the internet, including Facebook and Wikipedia.
Bleeping Computer

Hacker says hijacking libraries, stealing AWS keys was ethical research

Yesterday, developers took notice of two hugely popular Python and PHP libraries, respectively, 'ctx' and 'PHPass' that had been hijacked, as first reported in the news by BleepingComputer. Both of ...

Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

A critical flaw in a WordPress add-on was recently patched, which allows crooks to add a rogue admin account to the site.
Bleeping Computer

PHP's Git server hacked to add backdoors to PHP source code

In the latest software supply chain attack, the official PHP Git repository was hacked and the code base tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository ...
WeLiveSecurity

Backdoor added to PHP source code in Git server breach

Unknown attackers compromised the official PHP Git server and planted a backdoor in the source code of the programming language, potentially putting websites using the tainted code at risk of complete ...