Ars Technica

Hackers backdoor PHP source code after breaching internal git server

A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the open ...
CSOonline

PHP 5.3.10 Fixes Critical Remote Code Execution Vulnerability

The PHP Group released PHP 5.3.10 on Thursday in order to address a critical security flaw that can be exploited to execute arbitrary code on servers running an older version of the Web development ...