PHP Developers Share Update on Recent Breach


The malicious code, discovered in late March, was found in the php-src repository hosted on the server and it was apparently designed to allow an attacker to remotely execute arbitrary PHP code. PHP developers said the backdoor was discovered before it was pushed out to users via an update.

Initially, users were told that evidence pointed to a compromise of the server rather than a Git account hijacking.

However, in an update shared this week, Nikita Popov, an important PHP contributor, said they no longer believe the server was compromised.