PHP Source code compromised
Hxxx
OG
Strange that important news such as this one are not being shared on these green* communities.
I can't stand the other forum with the same providers always trending at the top, so I'll share here.
So the news, PHP source code / internal GIT apparently was compromised and a few malicious commits were done impersonating some important recognized developers.
They decided to discard their internal GIT server and move the source code to Github.
There is more to this news so you might want to read about it from other sources.
Source: google it.
Tagged:
Comments
Source: https://news-web.php.net/php.internals/113838
or for further reading: "https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/"
Wow, scary stuff! Nice that it was identified and caught before it made it into any releases. Thanks for sharing
Humble janitor of LES
Proud papa of YABS
similar to the Solarwinds hack.
Perhaps this is the trend, going direct on the source.
Makes sense, it has a greater impact if successful.
https://clients.mrvm.net
VestaCP as well if I'm remembering right
Humble janitor of LES
Proud papa of YABS
Yeah, forgot that
https://clients.mrvm.net