PHP.net hacked, but most things are fine again

Between 22nd and 24th October 2013 php.net served JavaScript malware (that was built to use security holes in the usually insecure Flash player) to users, but php downloads / source tarballs are not affected.

As stated by php.net, everything is fine again. I’ve put a link to the full attacker’s JS code at the end of the article, this might be interesting for JS guys. This will hopefully lead to a rethinking of how php.net handles its server mirroring.

Update: Parts of the site which use SSL are not accessable for a short time.

Update: All passwords for the site have been reset.

Update: The PHP git repo is now read-only.

More here:
http://php.net/archive/2013.php#id2013-10-24-1
http://barracudalabs.com/2013/10/php-net-compromise/

The full code of the attacking malware JavaScript (very interesting read!) can be found here:
http://pastebin.com/XD0KyLxu

PHP.net hacked, but most things are fine again

Killer-feature in PHPStorm: Search everywhere

Free $10 coupon for DigitalOcean SSD cloud VPS hosting

“Belt” adds very clever everyday functions to PHP, comes with JavaScript naming styles and eventually solves the needle/haystack problem

[RePost] Goodbye LAMP: Going Nginx, NoSQL, HHVM (41min conference talk with Arne Blankerts)

Switching from Java to PHP. Seriously. A very interesting and pre-judice-free talk with Ph.D. Aris Zakinthinos

Redesigning the PHP logo – who wants ?

[FREE SERVER PROMO] Install GHOST for free on a free SSD server with this coupon

Interesting: code of the same application in PHP, Python, Ruby, Closure, node.js, Java and Go

An introduction into Atomic Design, a super-clean way to style web applications

Best introduction to unix command line / bash ever (by André Augusto Costa Santos)

Crossbrowser-safe HTML5 video (IE6+) with a few lines of code and just one .mp4 video file

How to copy Vagrant boxes (or duplicate them)

A quick history of Comic Sans, the most wrongly used font ever

GAMESCOM 2014: Awesome Next-Gen ingame graphics

Perfect HTML email templates for perfect HTML emails (outlook!) with INK

Creator of Slim framework and “PHP – The right way” writes book: “Modern PHP”, available 2015

A super-simple introduction into PHP namespaces (7min video)

Composer problems ? Try full reset !

How to setup and use XDEBUG with PHPStorm 6/7 (locally in Windows 7/8 and Mac OS X)

Angelina Fabbro talks about “CSS4” in this excellent conference video

Is this the first HTML6 specification?

Increase your HTML / CSS coding speed with EMMET

Laracon 2013 – Kapil Verma: Engineering Complex Applications with Laravel 4 (40min video)

Interesting stats on SONY’s hacked passwords