PHPUnit Data Breach
PHPUnit experienced a data breach that was reported on February 15, 2022. PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., exter
Key Facts
- Organization
- PHPUnit
- Date Reported
- February 15, 2022
- Incident Type
- supply chain
- Industry
- Technology
- Severity Score
- 5/10
- Confidence Level
- high
- Tags
Source
View original source - External link to primary source documentation
Understanding supply chain Incidents
Supply chain attacks compromise trusted vendors or software to access downstream targets. Vendor security assessments and software integrity verification reduce exposure.