ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...
Bleeping Computer

Spam Botnet Tracked Down to Malicious PHP Script Found on 5,000 Hacked Sites

A malicious PHP script found on over 5,000 compromised websites has been fingered as the source of a large-scale spam campaign that has been silently redirecting users to web pages hosting diet and ...
Bleeping Computer

Millions of Websites Vulnerable Due to Security Bug in Popular PHP Script

A security flaw discovered in a common PHP script allows knowledgeable attackers to execute code on a website that uses a vulnerable version of the script, which in turn can allow an attacker to take ...
CSOonline

PHP backdoor attempt shows need for better code authenticity verification

Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure. Unknown attackers managed to break ...