Laravel-Lang packages hit by supply chain attack that stole developer secrets

A supply chain attack against Laravel-Lang packages exposed developers to credential-stealing malware after attackers abused GitHub tags and Composer’s autoload system. Security researchers say the incident affected hundreds of historical package versions and created a risk for Laravel projects that installed or updated the affected dependencies during the compromise window. The attack was detected on […] The post Laravel-Lang packages hit by supply chain attack that stole developer secrets appeared first on VPN Central.