Well, that was no fun. On March 28th “two malicious commits were pushed to the php-src repo.” That repository, in case you didn’t know, is the PHP language’s master software code storage site.
Read full article on The New Stack
PHP Supply Chain Attack Shows Open Source’s Virtues and Vices
- Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland… – SWN #379
- 5.3M World-Check records may be leaked; how to check your records
- Sacramento airport goes no-fly after AT&T internet cable snipped
- Active adversary report: Ransomware hit a ceiling, but security teams at risk for more pain
- Akira takes in $42 million in ransom payments, now targets Linux servers