Skip to content
The Nexus
SECURITYMay 23 · 16:07 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

A coordinated supply chain attack has compromised eight packages on Packagist, injecting malicious code that executes a Linux binary hosted on GitHub Releases. The attack targeted JavaScript projects by inserting malicious content into package.json, bypassing composer.json in Composer packages.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting