Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure.

The packages weaponized a proof-of-concept (PoC) code dependency-confusion exploit that was recently devised by security researcher Alex Birsan to inject rogue code into developer projects.

Code hosting website GitHub announced today plans to add support for a Dependency Graph for Composer-based PHP projects.

Taylor Otwell, inventor and maintainer of popular PHP framework Laravel, is warning against overly complex code and the risks ...

The team behind scripting language PHP has announced PHP version 8.0, a major release that may require developers to review code for any breaking changes.

A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the ...