URL has been copied successfully!
Laravel Lang packages hijacked to deploy credential-stealing malware
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Laravel Lang packages hijacked to deploy credential-stealing malware


Tags: , , , , , ,

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware campaign after attackers abused GitHub version tags to distribute malicious code through Composer packages.

First seen on bleepingcomputer.com

Jump to article: www.bleepingcomputer.com/news/security/laravel-lang-packages-hijacked-to-deploy-credential-stealing-malware/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Self-propagating worm found in marketplaces for Visual Studio Code extensions
  2. How GlassWorm wormed its way back into developers’ code, and what it says about open source security
  3. Malicious PyTorch Lightning Packages Found on PyPI
  4. Mistral AI SDK, TanStack Router hit in npm software supply chain attack