Home / Early Warning / Cybersecurity Highlights / Malicious code uploaded to PHP server

Malicious code uploaded to PHP server

03/28/2021

One of the developers of the PHP language, Nikita Popov, reported that the PHP source code was maliciously modified, adding a backdoor to enable remote code execution, and that the modification was uploaded to the php-src repository on 28th of March.

The incident is being investigated, but all indications are that the git.php.net server, which remains offline, was compromised. The latest stable version of PHP is not affected.

The new security measures adopted focus on making GitHub repositories no longer mirrors and commits are made directly on GitHub. Malicious code commits have already been removed.