Update on PHP source code compromise: User database leak suspected

Possible culprit: Ancient code running in production. A vuln 'would not be terribly surprising' says maintainer

PHP maintainer Nikita Popov has posted an update concerning how the source code was compromised and malicious code inserted - blaming a user database leak rather than a problem with the server itself....