Postmortem of PHP Core compromise continues

Published on by

Postmortem of PHP Core compromise continues image

The investigation of how a couple of git accounts of some prominent PHP Core developers was compromised is still ongoing. PHP internals contributor Sara Golemon took some time to join a panel of other PHP community members to discuss the current status of the investigation and what information they have.

Sara shared that there is no reason to be concerned about any of the official releases of PHP. The PHP Internals team caught this security breach before being merged into any of the release branches.

Some actions the PHP Internals team is considering moving forward are requiring signed commits for pull requests and requiring two-factor authentication for any core contributors.

You can watch the entire panel below:

Eric Van Johnson photo

CTO of DiegoDev Group, LLC. Podcaster at PHPUgly.com. Monthly contributor to php[architect] magazine and host of their podcast php[podcast].

Filed in:
Cube

Laravel Newsletter

Join 40k+ other developers and never miss out on new tips, tutorials, and more.

image
Oh Dear

Oh Dear is the best all-in-one monitoring tool for all your Laravel apps.

Visit Oh Dear

The latest

View all →
Use Ollama LLM Models Locally with Laravel image

Use Ollama LLM Models Locally with Laravel

Read article
TallStackUI - a new component library for TALL Stack apps image

TallStackUI - a new component library for TALL Stack apps

Read article
Laravel 10.34 Released image

Laravel 10.34 Released

Read article
Laravel Tailwind Merge image

Laravel Tailwind Merge

Read article
Generate Validation Rules from a Database Schema in Laravel image

Generate Validation Rules from a Database Schema in Laravel

Read article
A Feature Flags Implementation for Filament image

A Feature Flags Implementation for Filament

Read article
Honeybadger logo

Honeybadger

Zero-instrumentation, 360 degree coverage of errors, outages and service degradation.

Honeybadger
Laravel Forge logo

Laravel Forge

Easily create and manage your servers and deploy your Laravel applications in seconds.

Laravel Forge
Oh Dear logo

Oh Dear

Oh Dear is the best all-in-one monitoring tool for all your Laravel apps.

Oh Dear
Tinkerwell logo

Tinkerwell

The must-have code runner for Laravel developers. Tinker with AI, autocompletion and instant feedback on local and production environments.

Tinkerwell
Kirschbaum logo

Kirschbaum

Providing innovation and stability to ensure your web application succeeds.

Kirschbaum
Shift logo

Shift

Running an old Laravel version? Instant, automated Laravel upgrades and code modernization to keep your applications fresh.

Shift
Bacancy logo

Bacancy

Supercharge your project with a seasoned Laravel developer with 4-6 years of experience for just $2500/month. Get 160 hours of dedicated expertise & a risk-free 15-day trial. Schedule a call now!

Bacancy
LoadForge logo

LoadForge

Easy, affordable load testing and stress tests for websites, APIs and databases.

LoadForge
Paragraph logo

Paragraph

Manage your Laravel app as if it was a CMS – edit any text on any page or in any email without touching Blade or language files.

Paragraph
Lucky Media logo

Lucky Media

Bespoke software solutions built for your business. Partner with Lucky Media, your favorite Laravel Development Agency!

Lucky Media
Lunar: Laravel E-Commerce logo

Lunar: Laravel E-Commerce

E-Commerce for Laravel. An open-source package that brings the power of modern headless e-commerce functionality to Laravel.

Lunar: Laravel E-Commerce