In this episode, we speak with Dwayne McDaniel about exposed secrets in our GitHub repositories and figuring out when we’ve been compromised using Honeytoken. Links: Dwayne’s site – https://dwayne-mcdaniel.com/ Verizon’s Data Breach Investigations Report – https://www.verizon.com/business/resources/reports/dbir/ GitGuardian Blog – https://blog.gitguardian.com/ HoneyBadger.io – https://HoneyBadger.io Our Discord – https://discord.gg/aMTxunVx Buy our shirts – https://store.phparch.com/products/community-corner-podcast-t-shirt Scott’s Social […]

Picture this: You’re responsible for a piece of software that powers nearly three-quarters of all websites on the internet. Every day, billions of people interact with applications built on your platform. The responsibility is staggering – and so is the target on your back. This was the reality facing The PHP Foundation in 2024 when […]

CSP is the Content Security Policy for your website’s pages. Think of it as a foreman on a construction site, checking all the material loads coming to the gate, verifying that they meet the requirements and sources defined by you, the architect. Accepting pine paneling for oak paneling in the specs would be disastrous for […]

 This week on the PHP Podcast, Eric and John talk about Explain Explained, Postgres All The Things, Livewire Remote Code Execution, Lazy Object, and more… Links from the show: Understanding MySQL Queries with Explain I replaced my entire tech stack with Postgres… – YouTube RCE Via User-Crafted Requests · Advisory · livewire/volt · GitHub […]

This week on the PHP Podcast, Eric and John talk about New Features in PHP 8.4, The Magic Behind Laravel’s defer(), Doctrine Introduces EnumType Columns, Serialization/Deserialization, Laravel’s Nightwatch, PHPTek 2025, and more… Links from the show: PHP 8.4: new features and release date The magic behind Laravel’s new defer() helper — Amit Merchant — A […]

One of the terrifying new developments in technology is the high prevalence of ransomware—criminals using software to hold your data or information systems hostage. by Eric Mann

Scott Keck-Warren has a contribution in honor of this month’s World Backup Date, Backups For Beginners. Follow along for some inspiration in making sure you have a complete backup system. Ken Marks continues his series, How to Hack Your Home with a Raspberry Pi, with an article showing how to actually hook up your accelerometer […]

In the physical world, it’s relatively easy to understand what a supply chain looks like—the security of physical goods in transit is a straightforward concept. This kind of security in the digital world can be harder to recognize but is just as critical.

This month’s release touches on some examples that keep PHP and its community strong, relevant, and a fun language to code. Ken Marks continues his series on using PHP and a Rasberry Pi in a real-world example with Raspberry Pi Part 2 – Installing the LAMP Stack on your Pi. As developers, we live a […]

There are a lot of things you can say about PHP and trust me a lot has been said about PHP, but the one thing you can not say is that it hasn’t proven itself. PHP has grown with the internet itself and has the battle scars to show for it.