There's a new article on The Register about a topic that's constantly argued in any language, much less PHP - application security.

PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here's how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems on the web.

They talk first about the "great rise of PHP" on the web and how this surge of popularity also helped to show the great number of PHP security issues - both in applications written in it and in the language itself.

There's a mention of some of the upheaval that the PHP security community has had this year as well. They talk about the security of a LAMP installation versus a Windows machine, and their suggestions on helping to make the PHP world a better place.