Attention, PHP users - It appears that anyone downloading and installing an updated edition from PEAR (PHP Extension and Application Repository, a framework and distribution system for reusable PHP component) in the last half-year could have been compromised.

The administrators of the PEAR package manager website have taken the site offline, having discovered that hackers breached the site, and apparently planted malicious code into the software.

https://www.grahamcluley.com/poisoned-pear-php-extension-repository-download-infected-for-up-to-six-months/