PHP.net Compromised

An anonymous reader writes "The open source PHP project site was compromised earlier today. The site appears to have been compromised and had some of its Javascript altered to exploit vulnerable systems visiting the website. Google's stop-badware system caught this as well and flagged php.net as distributing malware, warning users whose browsers support it not to visit the site. The comment by a Google employee over at the hacker news thread (official Google webmaster forum thread) seems to suggest that php.net wasn't incorrectly flagged."

Oh the irony

[Zachariah Day]

Let me guess, they got in through a PHP vulnerability?

It was already a dangerous site to visit ...

[c0d3g33k]

... it introduced visitors to PHP.

You Sound Like One Of Those

[Anonymous Coward]

You sound like one of those Java fundies. [dilbert.com]

STFU, Doucharonimous.

Re:Oh the irony

[ArcadeMan]

It's Microsoft's fault. The URL for PHP is php.net, which means it's .NET and hence the reason for being compromised.

The malware was distributed via Javascript, which has Java in its name, which means it's also Oracle's fault.

Re:You Sound Like One Of Those

[ArcadeMan]

Here's a better URL [dilbert.com] without all the superfluous Web 2.0 crap around it.

Uh oh...

[edibobb]

I happened to update php on my web server today. Did I get some additional free software out of the deal?