According to Stefan Esser, author of the Suhosin patch, May 2010 will be the “Month of PHP Security” :
This initiative continues the effort of Hardened-PHP’s Month of PHP Bugs in 2007 to improve the security of PHP and the PHP ecosystem by disclosing vulnerabilities in PHP and PHP applications on the one hand and on the other hand by publishing articles and tools that help PHP application developers to develop more secure PHP applications.
You’ll find more information on the MoPS website and you can follow its twitter account to discover each vulnerability as soon as it’s reported.