Drama on the PHP front: A high-profile member of the open source PHP Security Response Group abruptly has resigned his post. Stefan Esser said in his blog over the weekend that he left the group ...

During the past two years, the core PHP developers have done an incredible job of providing the PHP user community with powerful technology that has been able to perform remarkably well in many ...

New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework.

UPDATE Developers at PHP recently pushed out a series of patches to fix a handful of vulnerabilities, including one that can lead to a heap-based buffer overflow.

PHP security audit reveals 27 vulnerabilities. Quarkslab nevertheless rates PHP codebase as positive. Update strongly recommended.

From time to time, you will find a security advisory about some major web application on security mailing lists. Most of the time, the problem is fixed easily. The errors often occur because the ...

GitHub security alerts now support PHP projects GitHub is now also a CVE CNA and can issue its own CVE numbers for bugs disclosed in projects hosted on the platform.

The PHP Group released PHP 4.3.1 and PHP 5.0.3 which plug serious security holes in implementations of the popular Web site scripting language, the group said in a statement on it's Web site. All ...

PHP 7 has finally arrived. It's the first major number version of the popular Web scripting language since 2004, and it was released just before a new software security report branded PHP as among the ...