Socket Announces Support for PHP with Composer and Packagist Integration

Developers Can Now Search, Analyze, and Secure PHP Dependencies with AI-Powered Supply Chain Protection It would be ...
InfoWorld

Patch your PHP: Security fixes released for all branches

PHP developers, take note of the latest updates: Versions 7.0.2, 5.6.17, and 5.5.31 are now available and feature a multitude of security bug fixes. Version 7.0.2 fixed 31 bugs, including six security ...
heise online

PHP security check uncovers critical vulnerabilities

The Open-Source Technology Improvement Fund (OSTIF), with the support of the Sovereign Tech Fund and in collaboration with Quarkslab and the PHP Foundation, conducted a comprehensive security review ...
Threat Post

New Exploits Arrive for Old PHP Vulnerability

New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework. Close to two years ago, ...
Dark Reading

PHP Security Expert Quits

Drama on the PHP front: A high-profile member of the open source PHP Security Response Group abruptly has resigned his post. Stefan Esser said in his blog over the weekend that he left the group, ...
ZDNet

GitHub security alerts now support PHP projects

Since the Dependency Graph feature is intertwined with the Security Alerts (Vulnerability Alerts) feature, this also means GitHub users will also be eligible to receive automatic security alerts for ...
Bleeping Computer

PHP's Git server hacked to add backdoors to PHP source code

In the latest software supply chain attack, the official PHP Git repository was hacked and the code base tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository ...