----- 3. Are PHP applications also a target of this initiative? No they are not. If you want a month of PHP application bugs you can subscribe to the bugtraq or full-disclosure mailinglists. ----- http://www.php-security.org/ Gadi.