Threat actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a backdoor into the source code. The attackers pushed two commits to the php-src repository hosted on the git.php.net server. The analysis of malicious code revealed the presence of a string Zerodium, which is the name of one of the most popular zero-day brokers. There is no evidence to suggest that the malware was designed to be sold as a proof-of-concept.”]
Source: https://securityaffairs.co/wordpress/116088/hacking/php-git-server-hack.html