PHP Packagist supply chain poisoned by hacker “looking for a job”
I pwned you! Gizza job! You know it makes sense! Continue reading PHP Packagist supply chain poisoned by hacker “looking for a job”
Category Archives: Packagist
PHP community sidesteps its third supply chain attack in three years
Third time lucky! (The first two times were lucky, too, luckily.) Continue reading PHP community sidesteps its third supply chain attack in three years
How one man could have pwned all your PHP programs
Popular PHP package repository front end Packagist turned out to have an embarrassing command injection hole – now closed! Continue reading How one man could have pwned all your PHP programs