■■■■■ SonarSource discovered a 15-year-old flaw in the PEAR PHP repository that could have enabled supply chain attacks.
https://blog.sonarsource.com/php-supply-chain-attack-on-pear/
https://securityaffairs.co/wordpress/129797/hacking/pear-php-critical-flaws.html
https://t.me/cKure/11127