Hackers try to bug PHP programming language in supply chain cautionary tale

Unidentified hackers have tried to plant malicious code in PHP, a programming language used in an estimated 79% of websites. The developers who maintain PHP said Sunday that the attackers likely broke in through PHP’s own git server, and made two “commits,” or attempted changes to the PHP source code. It’s but one example of the supply-chain vulnerabilities inherent in the basic building blocks of popular websites. “While investigation is still underway, we have decided that maintaining our own git infrastructure is an unnecessary security risk, and that we will discontinue the git.php.net server,” Nikita Popov, a software developer who helps maintain PHP, said in a statement. Popov said PHP would move its code repositories to GitHub, a code-hosting platform for software developers. Popov did not immediately respond to a request for comment, but told Bleeping Computer that PHP’s maintainers had caught the malicious code before it was introduced publicly […]

The post Hackers try to bug PHP programming language in supply chain cautionary tale appeared first on CyberScoop.


Attackers tried to insert backdoor into PHP source code

The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. What happened? “[On Sunday, March 28] two malicious commits were pushed to the php-src repo from the names of Rasmu…

Netmask Flaw Leaves Millions Vulnerable While a PHP Git Server is Hacked in Software Supply Chain Attack

We’ve been seeing so many software supply chain attacks in recent weeks that it’s hard for us to talk about all of them. But, in the last 24 hours, we’ve seen two major issues that are important for everyone to take notice of:

How many bytes for password reset token? Should one take steps to hash or conceal raw CSPRNG bytes?

I’m trying to follow the OWASP ‘Forgot Password Cheat Sheet’ recommendations for password reset functionality via email. This requires my server to generate a token. OWASP says that PHP’s random_bytes() and openssl_random_pseudo_bytes() fu…
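The pattern the question is circling, shown as an added example that is not part of the question or of the OWASP cheat sheet: draw the token from PHP’s random_bytes(), send the raw token to the user, and store only a SHA-256 hash of it, so a leaked reset table does not contain anything an attacker can submit. The token size, the 15-minute lifetime, the in-memory array standing in for a database table, and the function names are all assumptions made for the example.

```php
<?php
// Added example (not from the question or the OWASP cheat sheet). Shows one
// way to issue and consume an email password-reset token in PHP:
//   - token bytes come from the CSPRNG (random_bytes)
//   - the raw token goes to the user; only its hash is stored
//   - the token is single-use and expires
// All sizes, lifetimes and names are assumptions for the example.

declare(strict_types=1);

const RESET_TOKEN_BYTES = 32;          // 256 bits of entropy (assumed size)
const RESET_TOKEN_TTL_SECONDS = 900;   // 15 minutes (assumed lifetime)

// Stand-in for a database table keyed by token hash:
//   token_hash => ['user_id' => int, 'expires' => unix time]
$resetTable = [];

/**
 * Issue a reset token for $userId. Returns the raw token (to be emailed).
 * Only sha256(token) is stored, so a leaked table yields no usable tokens.
 */
function issueResetToken(array &$table, int $userId, int $now): string
{
    $raw = random_bytes(RESET_TOKEN_BYTES);
    // URL-safe base64 without padding: 32 bytes -> 43 characters
    $token = rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
    $table[hash('sha256', $token)] = [
        'user_id' => $userId,
        'expires' => $now + RESET_TOKEN_TTL_SECONDS,
    ];
    return $token;
}

/**
 * Consume a submitted token. Returns the user id, or null if the token is
 * unknown or expired. The row is deleted either way, so a token can be
 * tried at most once.
 */
function consumeResetToken(array &$table, string $token, int $now): ?int
{
    $lookup = hash('sha256', $token);
    if (!isset($table[$lookup])) {
        return null;
    }
    $row = $table[$lookup];
    unset($table[$lookup]);
    return $row['expires'] >= $now ? $row['user_id'] : null;
}

// Usage: the token is the only secret that leaves the server, e.g. in a
// link such as https://example.com/reset?token=... (example URL).
$now = time();
$token = issueResetToken($resetTable, 42, $now);
var_dump(consumeResetToken($resetTable, $token, $now + 60) === 42);     // bool(true)
var_dump(consumeResetToken($resetTable, $token, $now + 60) === null);   // bool(true): single use
$late = issueResetToken($resetTable, 42, $now);
var_dump(consumeResetToken($resetTable, $late, $now + RESET_TOKEN_TTL_SECONDS + 1) === null); // bool(true): expired
```

Two design notes. Hashing before storage is what makes the “conceal raw CSPRNG bytes” question moot: the raw bytes never touch the database, and because the token itself has 256 bits of entropy an unsalted, unslowed SHA-256 is enough (there is nothing to brute-force, unlike a password). Looking the hash up as an index key is also fine here; hash_equals() becomes necessary only if you compare the submitted token against a stored value directly, since an ordinary string comparison would short-circuit on the first differing byte.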