PHP backdoor attempt shows need for better code authenticity verification
Unknown attackers managed to break into the central code repository of the PHP project and add malicious code with the intention to insert a backdoor into the runtime that powers most websites on the internet. The hackers impersonated two high-profile PHP developers, but the code commits were not very subtle and were detected within hours when other developers reviewed them.
Read more...