"Attackers Target PHP Git Server to Backdoor Source Code"

The developers who maintain the PHP programming language have decided to move the main Git repository for PHP to GitHub after hackers targeted PHP source code in a backdoor attack. Nearly 80 percent of websites on the Internet are written in PHP. Two updates were pushed to the PHP Git server under the account names of two well-known PHP developers Nikita Popov and Rasmus Lerdorf. The two malicious commits appeared to be minor typographical corrections, but upon closer look, the commits added a backdoor that enables hackers to perform remote code execution on websites running the infected version of PHP. The incident has made the PHP Group change how its code infrastructure is run as the PHP maintainers have now decided to discontinue the git.php.net server. All code changes will instead be pushed directly to GitHub. This article continues to discuss the recent targeting of the PHP Git repository by hackers to add a backdoor to PHP source code.

Dark Reading reports "Attackers Target PHP Git Server to Backdoor Source Code"