Zero-Day Vulnerabilitiesdeveloping·BleepingComputer

Laravel Lang packages hijacked to deploy credential-stealing malware

Published: 23.05.2026 22:48Fetched: 24.05.2026 01:03

Summary

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware campaign after attackers abused GitHub version tags to distribute malicious code through Composer packages. [...]

Source

Source: BleepingComputer

URL: https://www.bleepingcomputer.com/news/security/laravel-lang-packages-hijacked-to-deploy-credential-stealing-malware/

Trust Level: ★★★☆☆

Read original ↗← Back