Aug30 by Paul Ducklin 7 How one man could have pwned all your PHP programs Popular PHP package repository front end Packagist turned out to have an embarrassing command injection hole – now closed!
