techtimes

Laravel Supply Chain Attack Backdoors 5,561 Repos: Git Tag Rewrite Defeats Version Pinning

On the night of May 22, 2026, an unidentified attacker with push access to the Laravel-Lang GitHub organization rewrote every existing version tag across four widely used PHP localization packages — ...

Laravel Lang packages hijacked to deploy credential-stealing malware

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated ...