Bleeping Computer

Developer Creates Rootkit That Hides in PHP Server Modules

A Dutch web developer has created a rootkit that hides inside a PHP module and can be used to take over web servers via a rarely used attack vector: Apache modules. According to a classic definition ...
Ars Technica

Nasty bug with very simple exploit hits PHP just in time for the weekend

A critical vulnerability in the PHP programming language can be trivially exploited to execute malicious code on Windows devices, security researchers warned as they urged those affected to take ...
CSOonline

PHP backdoor attempt shows need for better code authenticity verification

Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure. Unknown attackers managed to break ...
Bleeping Computer

2016 Open-Source Repo Continues to Fuel the PHP Server Ransomware Scene

A PHP ransomware project open-sourced on GitHub is still spawning active threats, more than a year after it was released in early 2016. The project, unimaginatively named "Ransomware," is the work of ...