The official PHP git repository, http://git.php.net/, was compromised this Sunday, March 28.
An attacker was able to modify the PHP source code twice and inject a backdoor into it. Thankfully, both attempts were quickly detected and removed by the PHP team.
Per a statement released in PHP’s internal mailing list, the current investigation believes the git.php.net server itself has been compromised rather than the individual’s account.
Everything points towards a compromise of the git.php.net server.