PHP Supply Chain Attack: Over 700 Laravel-Lang Package Versions Compromised with Credential-Stealing Malware
On May 22, 2026, attackers exploited GitHub's tag system to inject a credential stealer into 700+ versions of laravel-lang/lang, http-statuses, attrib...