ZDNet

Mystery still surrounds hack of PHP PEAR website

Details remain foggy about a recent security breach at the PHP PEAR website, a crucial, but lesser-known part of the PHP ecosystem. PEAR, which stands for "PHP Extension and Application Repository," ...
Graham Cluley

Poisoned PEAR. PHP extension repository download infected for up to six months

The administrators of the PEAR package manager website have taken the site offline, having discovered that hackers breached the site, and planted a backdoor into the software. PEAR (PHP Extension and ...
Ars Technica

PEAR PHP site breach lets hackers slip malware into official download | Ars OpenForum

"The officials didn’t say when the hack of their Web server occurred or precisely what the malicious version of go-pear.phar did to infected systems. Initial indications, however, look serious. " Then ...