Security News > 2021 > March > PHP's Git Server Hacked to Insert Secret Backdoor to Its Source code
In yet another instance of a software supply chain attack, unidentified actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code.
The changes, which were committed as "Fix Typo" in an attempt to slip through undetected as a typographical correction, involved provisions for execution of arbitrary PHP code.
"This line executes PHP code from within the useragent HTTP header, if the string starts with 'zerodium'," PHP developer Jake Birchall said.
Besides reverting the changes, the maintainers of PHP are said to be reviewing the repositories for any corruption beyond the aforementioned two commits.
In the wake of the breach, the team behind PHP is making a number of changes, including migrating the source code repository to GitHub, with changes to be pushed directly to GitHub rather than to git.
Contributing to the PHP project will now require developers to be added as a part of the organization on GitHub.