On Developer.com today there's a new article (from Sean Michael Kerner) that talks about the Month of PHP Security effort that's been going on and how, despite over 60 issues being reported, PHP remains strong.
Over the course of May, the PHP community was hit with a barrage of more than 60 security issues. The security assault was all part of the Month of PHP Security (MOPS) effort, which disclosed the flaws. But even after so many identified security issues in MOPS, PHP experts argue that the language is not necessarily insecure.
There's several quotes from Andi Gutmans (of Zend) with his thoughts on the bugs that were reported and how important he sees them as being (hint: nothing zero-day) and how developers are still, ultimately, the ones responsible for the security of their applications.