A sophisticated software supply chain attack has successfully compromised the Laravel-Lang ecosystem, impacting hundreds of package versions and exposing developers to severe credential theft. On May 22, 2026, security researchers from Aikido Security and Socket disclosed an active campaign that exploited GitHub’s version-tagging system to inject remote code execution (RCE) backdoors into widely used third-party […]
The post Threat Actor Compromised 233 Versions of Laravel-Lang Packages by Hacking 700 GitHub Repos appeared first on Cyber Security News.