PHP Git server exploit, the Zero day bug that nobody wanted to buy
PHP Git server exploit
SourceGuardian 12 Released With Full PHP 8 Support
SourceGuardian 12 have just been released with full support of all the new PHP 8 language features. The new version now supports PHP 8 encoding, in addition to named parameters, attributes, union...
Composer security Harderning
Composer is a dependency manager for PHP, and is the de facto one. It is a great software developed by brilliant people, and Composer security have the necessary precautions in place to prevent...
Responsive Menu Plugin Exposed Hundred Thousand Websites to High Security risk
Wordfence disclosed this week multiple vulnerabilities patched in the popular Responsive Menu WordPress plugin that exposed more than 100,000 sites to takeover attacks. The three vulnerabilities revealed grant attackers the ability...
How Composer Avoid Dependency Chain Attacks
In a blog post published by Nils Adermann co-Founder of Packagist, explained how composer manage dependency confusion and avoid security issues caused by other package managers to big companies such Apple,...
Webinar : Securing Your Infrastructure Before, During and After Deployment
Synk is organizing a webinar on October 14, 2020 3:00 pm CET titled securing your infrastructure before, during and after deployment. There will be three speakers from respectively Synk, Pulumi, and...
Top PHP Security and Malware Scanners
Hope you will are not coming to this page the day you are hit by a malware ! Because the day you discover that your server is compromised by a malware...
Why Github new CodeQL security feature is not for PHP?
Last year, Github acquired the code analysis platform Semmle and now we can see this acquisition in practice : a new code scanning security feature have just been rolled out for...
Perforce Unveils New PHP Security Center by Zend
New PHP Security Center by Zend allows PHP development teams to quickly assess PHP vulnerabilities and exposures by version, type, and severity.
MINNEAPOLIS, June 23, 2020 – Perforce Software, a provider of...
Symfony security : Disclosure of uploaded files full path
Fabien Potencier have just published a new security issue CVE-2018-19789 related to the disclosure of uploaded files full path that affect versions 2.7.0 to 2.7.49, 2.8.0 to 2.8.48, 3.0.0 to 3.4.19,...