PHP Source code compromised

Hxxx · March 2021

Strange that important news such as this one are not being shared on these green* communities.
I can't stand the other forum with the same providers always trending at the top, so I'll share here.

So the news, PHP source code / internal GIT apparently was compromised and a few malicious commits were done impersonating some important recognized developers.

They decided to discard their internal GIT server and move the source code to Github.

There is more to this news so you might want to read about it from other sources.

Source: google it.

benj0x · March 2021

Source: https://news-web.php.net/php.internals/113838

or for further reading: "https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/"

Mason · March 2021

Wow, scary stuff! Nice that it was identified and caught before it made it into any releases. Thanks for sharing

mikho · March 2021

similar to the Solarwinds hack.
Perhaps this is the trend, going direct on the source.

Makes sense, it has a greater impact if successful.

Mason · March 2021

@mikho said:
similar to the Solarwinds hack.
Perhaps this is the trend, going direct on the source.

Makes sense, it has a greater impact if successful.

VestaCP as well if I'm remembering right

mikho · March 2021

@Mason said:

@mikho said:
similar to the Solarwinds hack.
Perhaps this is the trend, going direct on the source.

Makes sense, it has a greater impact if successful.

VestaCP as well if I'm remembering right

Yeah, forgot that

PHP Source code compromised

Comments