Official PHP Git server targeted in attempt to bury malware in code base
The official PHP Git server has been compromised in a potential attempt to plant malware in the code base of the PHP project.
On Sunday, PHP programming language developer and maintainer Nikita Popov said that two malicious commits were added to the php-src repository in both his name and that of PHP creator Rasmus Lerdorf.
The malicious commits, which appeared to be signed off under the names of Popov and Lerdorf (1,2), were masked as simple typographical errors that needed to be resolved.