http://www.theregister.co.uk/2007/01/11/php_apps_security/
http://www.securityfocus.com/news/11430