Week in review: PHP supply chain attack, common zero trust traps, hardening CI/CD pipelines

From helpnetsecurity.com

Here’s an overview of some of last week’s most interesting news and articles:

Attackers tried to insert backdoor into PHP source code
The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers.

The growing threat to CI/CD pipelines
By hardening CI/CD pipelines and addressing security early in the development process, developers can deliver software faster and more securely.

DDoS attacks in 2021: What to expect?
Hoping for a major Bitcoin payout, DDoS attackers continue to raise the bar when it comes to attack size, frequency, and target diversification.

Read more…