Ars Technica

Nasty bug with very simple exploit hits PHP just in time for the weekend

A critical vulnerability in the PHP programming language can be trivially exploited to execute malicious code on Windows devices, security researchers warned as they urged those affected to take ...
ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...
Dark Reading

Attackers Target PHP Git Server to Backdoor Source Code

Attackers have breached the official PHP Git server and infected its code base, PHP developers and maintainers report. They have decided to make GitHub the permanent source for PHP repositories going ...