Backdoor Attack Allows Threat Actors to Access PHP Respository’s User Database

Read the original article: Backdoor Attack Allows Threat Actors to Access PHP Respository’s User Database


At the end of March, the git.php.net server was believed to be compromised when a malicious source code update was pushed, adding a backdoor to PHP itself. However, an investigation revealed that that the commits were pushed using HTTPS, rather than the usual SSH certificate-based authentication, and used existing users’ passwords that had apparently been […]

The post Backdoor Attack Allows Threat Actors to Access PHP Respository’s User Database appeared first on Binary Defense.




Read the original article: Backdoor Attack Allows Threat Actors to Access PHP Respository’s User Database