CSOonline

PHP backdoor attempt shows need for better code authenticity verification

Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure. Unknown attackers managed to break ...
ZDNet

Nasty PHP7 remote code execution bug exploited in the wild

A recently patched security flaw in modern versions of the PHP programming language is being exploited in the wild to take over servers, ZDNet has learned from threat intelligence firm Bad Packets.
ZDNet

FBI: Hackers used malicious PHP code to grab credit card data

The Federal Bureau of Investigations (FBI) is warning that someone is scraping credit card data from the checkout pages of US businesses' websites. "As of January 2022, unidentified cyber actors ...