- Unknown attackers tried to compromise the source code of the PHP programming language in what would have been a dangerous supply chain hack.
- PHP is used to program the servers behind almost 80 percent of websites on the internet, which means that this attack, if it had gone undetected, could have given the hackers the ability to take control of thousands of sites.
- The hackers uploaded two pieces of malicious code as part of a commit to the PHP code base using the names of two core PHP developers, Rasmus Lerdorf and Nikita Popov, the developer who disclosed the breach.
- “We don’t yet know how exactly this happened, but everything points towards a compromise of the git.php.net server (rather than a compromise of an individual git account),” Popov wrote.
- Popov also announced that the PHP project would now move to Github rather than use its own internal code repository.
- The investigation into this breach “is still underway” and that developers are checking that the hackers didn’t make any other malicious changes.
– Lorenzo Franceschi-Bicchierai | March 29, 2021