An unknown actor compromised the official PHP Git repository last night (March 28), pushing backdoored code under the guise of a minor edit. The malicious attacker pushed two commits to the php-src repo for the popular scripting language that contained a backdoor allowing for remote code execution (RCE).
