Slashdot Mirror

← Back to Stories (view on slashdot.org)

PHP.net Compromised

Posted by timothy on from the stay-safe-out-there dept.

An anonymous reader writes "The open source PHP project site was compromised earlier today. The site appears to have been compromised and had some of its Javascript altered to exploit vulnerable systems visiting the website. Google's stop-badware system caught this as well and flagged php.net as distributing malware, warning users whose browsers support it not to visit the site. The comment by a Google employee over at the hacker news thread (official Google webmaster forum thread) seems to suggest that php.net wasn't incorrectly flagged."

6 of 189 comments (clear)

  1. Oh the irony by killerzax · · Score: 5, Funny

    Let me guess, they got in through a PHP vulnerability?

    1. Re:Oh the irony by ArcadeMan · · Score: 5, Funny

      It's Microsoft's fault. The URL for PHP is php.net, which means it's .NET and hence the reason for being compromised.

      The malware was distributed via Javascript, which has Java in its name, which means it's also Oracle's fault.

      --
      Get free satoshi (Bitcoin) and Dogecoins
  2. It was already a dangerous site to visit ... by c0d3g33k · · Score: 5, Funny

    ... it introduced visitors to PHP.

  3. You Sound Like One Of Those by Anonymous Coward · · Score: 1, Funny

    You sound like one of those Java fundies.

    STFU, Doucharonimous.

    1. Re:You Sound Like One Of Those by ArcadeMan · · Score: 4, Funny

      Here's a better URL without all the superfluous Web 2.0 crap around it.

      --
      Get free satoshi (Bitcoin) and Dogecoins
  4. Uh oh... by edibobb · · Score: 4, Funny

    I happened to update php on my web server today. Did I get some additional free software out of the deal?