The PHP project kicked off in 1995 and would eventually become a server-side scripting language and general-purpose programming language used by tech giants like Facebook, Yahoo, and Etsy.

Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure.

The PHP project on Sunday announced that attackers were able to gain access to its main Git server, uploading two malicious commits, including a backdoor.

A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide.