Login

Bjyda · 03-29-2021 , 05:09 PM

Quote:In yet another instance of a software supply chain attack, unidentified actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code.

The two malicious commits were pushed to the self-hosted "php-src" repository hosted on the git.php.net server, illicitly using the names of Rasmus Lerdorf, the author of the programming language, and Nikita Popov, a software developer at Jetbrains.

The changes are said to have been made yesterday on March 28.

"We don't yet know how exactly this happened, but everything points towards a compromise of the git.php.net server (rather than a compromise of an individual git account)," Popov said in an announcement.

Source

Login
Username:
Password:	Lost Password?
	Remember me

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	Swedish Supermarket Chain Hit by Massive Cyberattack	mrtrout	0	1,312	07-06-2021 , 05:58 AM Last Post: mrtrout
	Cisco points to new tier of APT actors that behave more like cybercriminals	Bjyda	0	1,145	02-23-2021 , 11:22 PM Last Post: Bjyda
	Cyberpunk 2077 Exploit Allows Malicious Actors to Gain Control of Gamers PCs	mrtrout	0	1,143	02-09-2021 , 04:10 AM Last Post: mrtrout
	French Car Renting Service ‘UCAR’ Victimized by Ransomware Actors	Bjyda	0	1,218	01-24-2021 , 11:47 PM Last Post: Bjyda
	German tech giant Software AG down after ransomware attack	mrtrout	0	1,146	10-10-2020 , 07:25 AM Last Post: mrtrout