Bleeping Computer

PHP's Git server hacked to add backdoors to PHP source code

In the latest software supply chain attack, the official PHP Git repository was hacked and the code base tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository ...
Ars Technica

Hackers backdoor PHP source code after breaching internal git server

A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the open ...
Computerworld

Facebook’s PHP leak SNAFU (and kuplamuovi)

No bubblewrap was harmed in the making of Tuesday’s IT Blogwatch: in which Facebook suffers a self-inflicted source code leak. Not to mention, uhhh, the harming of bubblewrap… I have heard Heather ...
Ars Technica

Malicious code added to open-source Piwik following website compromise

Hackers inserted malicious code into the open-source Piwik analytics software after compromising the Web server used for downloads. The attackers compromised Piwik.org by exploiting a security ...