PHP 7.4 is Dead. Node.js 18 is Dead. Is Your Stack Running on Ghosts? Two of the most widely deployed runtimes in the world are past end-of-life — and most teams have no idea. There's a category of security risk that doesn't show up in your vulnerability scanner, doesn't trigger your SIEM, and won't appear in your next penetration test report. It's not a zero-day. It's not a misconfiguration. It's something quieter and more pervasive: running software that the people who built it have stopped caring about. Right now, millions of production applications are running on Node.js 18 and PHP 7.4. Both are end-of-life. Neither is getting security patches. And if you're relying on automated tooling to catch this, there's a good chance it already failed you. Node.js 18: EOL Since April 2025 Node.js 18 entered Long Term Support in October 2022. It was the responsible choice for two solid years. Teams upgraded to it, CI pipelines were built around it, Docker base images were pinned to it.…