All news
php
(3 articles)May 23, 2026
Laravel Lang Packages Hijacked: Credential Malware
Attackers hijacked Laravel Lang Composer packages via tag rewrites to deploy a cross-platform credential stealer. Here's what happened and how to respond.
May 23, 2026
Laravel-Lang PHP Packages Hit by Credential Stealer
Laravel-Lang PHP packages were compromised to deliver a cross-platform credential stealer. Here's what developers need to know and how to protect your apps.
April 14, 2026
PHP Composer Flaws Enable Arbitrary Command Execution
Critical PHP Composer vulnerabilities allow arbitrary command execution. Patches are out. Here's what developers need to do right now to stay protected.