DevOps / SRE — Top Links Last Week

PHP Supply Chain Attack Shows Open Source’s Virtues and Vices

Two malicious commits were pushed to the PHP language’s master software code storage site. This would have enabled an attacker to run a remote program on anyone running software using this hacked version of PHP. Fortunately, because PHP is open source, the problem was spotted before it had a chance to…