Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Interesting! It might actually have a big impact, given how much in use the page is. And the target audience of php.net is likely to be a good target for keylogger attacks (SSH/SFTP logins and the like to development and production machines). It's certainly getting worse than I expected at first. Given how low the AV detection rate is, it would be interesting in how much impact the plugin exploits have for the overall installation base.


You're not wrong. It's almost a watering hole attack, with the aim of getting credentials to get leverage against other higher profile sites.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: