Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

Updated on May 23, 2026

Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing framework.

The affected packages include –

laravel-lang/lang
laravel-lang/http-statuses
laravel-lang/attributes
laravel-lang/actions

“The timing and pattern of the newly published tags…

Read the rest of the story at Read More

Source: The Hacker News

May 20, 2025 Uncategorized

Hazy Hawk Exploits DNS Records to Hijack...

April 12, 2026 Uncategorized

Adobe Patches Actively Exploited Acrobat...

October 22, 2025 Uncategorized

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

Related posts

Hazy Hawk Exploits DNS Records to Hijack...

Adobe Patches Actively Exploited Acrobat...

Researchers Identify PassiveNeuron APT U...

Leave a Comment Cancel reply

Recent News

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective