Extending Support for PHP End-of-Life Versions: A Safety Net for Legacy Applications

Handling end of life (EOL) for operating systems is a relatively common, if cumbersome, task that IT teams have to grapple with as part of their activity. Yet, operating systems aren’t the ...

Netmask Flaw Leaves Millions Vulnerable While a PHP Git Server is Hacked in Software Supply Chain Attack

We’ve been seeing so many software supply chain attacks in recent weeks that it’s hard for us to talk about all of them. But, in the last 24 hours, we’ve seen two major ...

We Speak Your Language – New Ecosystems Available in Nexus Lifecycle

There are more than 700 programming languages to choose from, and different languages gain popularity and momentum at any time. In fact, since 2012 there has been a new “favorite” programming language ...
Changes to Emotet in September 2019

Thank you to Ratnesh Pandey who also contributed to this research. On 16 September 2019, Bromium Labs observed the resumption of Emotet malicious spam (malspam) campaign activity following a hiatus since the ...

PHP PEAR Site Hacked; Tainted Package Available for Months

The official PHP Extension and Application Repository (PEAR) website has been shut down after an apparent hack caused the original PHP PEAR package manager to be replaced by attackers with a tainted ...

Sven Morgenroth Talks About PHP Object Injection Vulnerabilities on Paul’s Security Weekly Podcast

Sven Morgenroth, a security researcher at Netsparker, was interviewed by Paul Asadoorian and Larry Pesce for Paul's Security Weekly #584. Sven talked about PHP Object injection vulnerabilities and explained the dangers of ...
End of Support for PHP 5 and PHP 7.0

Tags: php
At the end of 2018, PHP will stop releasing security updates for and supporting PHP 5.6 as well as PHP 7.0. Considering there are millions of websites that are still running these old ...

Fuzzing PHP for Fun and Profit

Tags: Fuzzing PHP, Hacker One, php, security, VERT
PHP is probably the single most prevalent server-side scripting language on the web. PHP has been the de facto choice for popular blog platforms like WordPress, Joomla and Drupal, which makes it ...

The Powerful Resource of PHP Stream Wrappers

Tags: php, php-stream-wrappers
Introduced in PHP 4.3, streams are a little-known but powerful resource that PHP provides. In this article, we will explore ways to bypass protection methods using the PHP Stream Wrappers, which are responsible ...

Sven Morgenroth Talks About PHP Type Juggling on Paul’s Security Weekly Podcast

Tags: php, security-weekly, type-juggling
Watch episode 572 of Paul's Security Weekly, during which one of our security researchers, Sven Morgenroth, examines data types and PHP Type Juggling vulnerabilities. During the show, hosted by Paul Asadoorian, Sven ...