SECURITYTHE HACKER NEWS
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Cybersecurity researchers identified a supply chain attack targeting Laravel-Lang PHP packages, which were compromised to deliver a cross-platform credential-stealing framework. The affected packages include laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions.
Mentioned
Related Signal
Adjacent reporting
- DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
- The never-ending supply chain attacks worm into SAP npm packages, other dev tools
- Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack
- Trellix Source Code Breach Highlights Growing Supply Chain Threats
- Axios NPM Package Compromised in Precision Attack
- Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft