Skip to content
The Nexus
SECURITYMay 23 · 20:48 UTCBLEEPING COMPUTERLawrence Abrams

Laravel Lang packages hijacked to deploy credential-stealing malware

A supply chain attack exploited Laravel Lang localization packages by hijacking GitHub version tags to distribute credential-stealing malware via Composer packages, exposing developers to a sophisticated malware campaign.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting