Home > Cyber News > PHP Git Server Hit in a Cyberattack
CYBER NEWS

PHP Git Server Hit in a Cyberattack

by   |  Last Update:  |  0 Comments  

The official PHP Git server was recently compromised in a software supply chain attack. The attackers pushed unauthorized updates to implant a backdoor in the server’s source code.

PHP Git Server Cyberattack: What Should You Know?

“Yesterday (2021-03-28) two malicious commits were pushed to the php-src repo [1] from the names of Rasmus Lerdorf and myself. We don’t yet know how exactly this happened, but everything points towards a compromise of the git.php.net server (rather than a compromise of an individual git account),” said software developer Nikita Popov in his description of the attack.




The investigation of the cybersecurity attack is still taking place. However, the developers decided that maintaining their own git infrastructure “is an unnecessary security risk.” Thus, they decided to discontinue the git.php.net server.

“Instead, the repositories on GitHub, which were previously only mirrors, will become canonical. This means that changes should be pushed directly to GitHub rather than to git.php.net,” Popov explained.

In other words, from now on, software developers will have to be part of PHP’s GitHub organization. Developers that aren’t part of the organization or don’t have access to a specific repository, should get in touch with Popov.

Did you know?
Nearly 80% of all websites run on PHP. More particularly, “PHP is used by 78.9% of all the websites whose server-side programming language we know”, according to W3Techs statistics. This means that any vulnerabilities in PHP could affect a large number of web applications that utilize the language, including websites that run on content management systems such as WordPress and Drupal.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. CVE-2018-11235 Git Vulnerability – Microsoft Releases Patch An industry-wide security flaw identified as CVE-2018-11235 has been discovered...
  2. Support for PHP 5.6.x Ends in 2 Months, Millions of Websites at Risk Did you know that nearly 80% of all websites run...
  3. Which Are The Most Secure Smartphones PRICE TOTAL SCORE OS VPN ENCRYPTION TRACK BLOCK FINGERPRINT 1...
  4. .PHP Virus File (Dharma Ransomware) – How to Remove .PHP virus file – what is it? The virus is...
  5. CVE-2020-36193: 15-Year-Old Bugs in PHP PEAR Could Create Supply-Chain Attacks Security researchers recently identified two critical code vulnerabilities in a...
  6. CVE-2019-13224, Other Critical Flaws in PHP – Patch Now The latest versions of PHP were recently released (PHP version...
  7. .php Files Virus (Dharma Ransomware) – How to Remove It What Is PHP File Virus? In this article, you will...
  8. 5 Emerging Cybersecurity Trends in 2019 As 2018 draws to a close, it is time to...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree