Threat Actors Hack PHP’s Git Server to Inject Backdoors into PHP Source Code
Two malicious commits were pushed to the php-src Git repository maintained by the PHP team, impersonating two well-known PHP developers and maintainers, on their git.php.net server.