It's "tagged" by Google. When I search php from the iPhone I get:

"PHP: Hypertext Preprocessor

php.net/

This site may harm your computer.

Server-side HTML embedded scripting language. It provides web developers with a full suite of tools for ..."

Google inserts the "harm" note.

Yes, but there are quite a few ways to get flagged by Google.

You are correct. Like I said, I doubt that is the case. Php can be very secure if configured correctly.

that's the issue, PHP should be secure(ie restrictive) by default, Linux style... it is not. PHP+Apache => recipe for disaster. PHP is a templating language yet doesnt do html sanitizing by default !

95% of compromised websites are PHP ones.

That's the reason why PHP will die eventually,when businesses understand while it's cheap to go online with a PHP cms, once you get hacked , it will cost you your business.