Clicky

PHP’s Git Server Hacked to Insert Secret Backdoor to Its Source code

ByPR 24
PHP’s Git Server Hacked to Insert Secret Backdoor to Its Source code | IT Security News

In yet another instance of a software supply chain attack, unidentified actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code.
The two malicious commits were pushed to the self-hosted “php-src” repository hosted on the git.php.net server, illicitly using the names of Rasmus Lerdorf, the author of the

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to “allow cookies” to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click “Accept” below then you are consenting to this.

Close


Similar Posts

Researchers Demonstrate 2 New Hacks to Modify Certified PDF Documents

Researchers Demonstrate 2 New Hacks to Modify Certified PDF Documents

ByPR 24

Researchers Demonstrate 2 New Hacks to Modify Certified PDF Documents | IT Security News 29. May 2021 This article has been indexed from The Hacker News Cybersecurity researchers have disclosed two new attack techniques on certified PDF documents that could potentially enable an attacker to alter a document’s visible content by displaying malicious content over…

CVE-2020-25709 – Alert Detail – Security Database

CVE-2020-25709 – Alert Detail – Security Database

ByPR 24

Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary Informations Name CVE-2020-25709 First vendor Publication 2021-05-18 Vendor Cve Last vendor Modification 2021-05-18 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA…

SolarWinds Attackers Return With Fresh Phishing Campaign

SolarWinds Attackers Return With Fresh Phishing Campaign

ByPR 24

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Fraud Risk Management Microsoft: Russians Used Malicious Messages Portrayed as Coming From USAID Scott Ferguson (Ferguson_Writes) • May 28, 2021     Here’s an example of a phishing email masquerading as a message from USAID. (Source: Microsoft) A Russian group that was behind the massive…

Accenture knew about ransomware attack in late July: report – Security

Accenture knew about ransomware attack in late July: report – Security

ByPR 24

Accenture spotted the LockBit ransomware attack on its systems as far back as July 30 and found that hackers had stolen documents referencing clients, as well as work materials created on clients’ behalf, according to a report from cybersecurity news site CyberScoop. The publicly traded IT consultancy initially confirmed the ransomware attack on Wednesday in…

FBI & CISA Warn of Active Attacks on FortiOS …

FBI & CISA Warn of Active Attacks on FortiOS …

ByPR 24

A joint advisory warns admins of the likelihood of APT groups exploiting three vulnerabilities in the Fortinet FortiOS. Editor’s Note: This story was updated on April 2 at 5:35 PM ET to include Fortinet’s statement. The FBI and Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) today issued a joint advisory warning admins…

US expels Russian diplomats, imposes new round of sanctions

US expels Russian diplomats, imposes new round of sanctions

ByPR 24

Russia said Washington’s actions contradicted a stated US desire to normalise relations with Moscow. The sanctions are hostile steps that heighten the countries’ confrontation, a Russian Foreign Ministry spokeswoman said. Loading At the same time, an official with the US Department of Justice said the government was examining “dozens” of Russian companies for potential supply…