PHP developers, take note of the latest updates: Versions 7.0.2, 5.6.17, and 5.5.31 are now available and feature a multitude of security bug fixes. Version 7.0.2 fixed 31 bugs, including six ...

GitHub security alerts now support PHP projects GitHub is now also a CVE CNA and can issue its own CVE numbers for bugs disclosed in projects hosted on the platform.

PHP security audit reveals 27 vulnerabilities. Quarkslab nevertheless rates PHP codebase as positive. Update strongly recommended.

New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework.

During the past two years, the core PHP developers have done an incredible job of providing the PHP user community with powerful technology that has been able to perform remarkably well in many ...

The PHP team has unanimously voted to integrate the Libsodium library in the PHP core, and by doing so, becoming the first programming language to support a modern cryptography library by default.

From time to time, you will find a security advisory about some major web application on security mailing lists. Most of the time, the problem is fixed easily. The errors often occur because the ...

In the latest software supply chain attack, the official PHP Git repository was hacked and tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository maintained by ...