From helpnetsecurity.com
“[On Sunday, March 28] two maliciouscommits were pushed to the php-src repo from the names of Rasmus Lerdorf and myself. We don’t yet know how exactly this happened, but everything points towards a compromise of the git.php.net server (rather than a compromise of an individual git account),” developer Nikita Popov explained in a message sent out through one of the project’s mailing lists.