WeLiveSecurity

Backdoor added to PHP source code in Git server breach

Unknown attackers compromised the official PHP Git server and planted a backdoor in the source code of the programming language, potentially putting websites using the tainted code at risk of complete ...
Dark Reading

Attackers Target PHP Git Server to Backdoor Source Code

Attackers have breached the official PHP Git server and infected its code base, PHP developers and maintainers report. They have decided to make GitHub the permanent source for PHP repositories going ...
ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...
Krebs on Security

‘Trojan Source’ Bug Threatens the Security of All Code

Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted ...