Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing framework.

The affected packages include –

laravel-lang/lang
laravel-lang/http-statuses
laravel-lang/attributes
laravel-lang/actions

“The timing and pattern of the newly published tags

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the…

Uncategorized May 23, 2026

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a…

Uncategorized May 23, 2026

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of…

Core Offerings arrow_forward

Expert Teams arrow_forward

Why Cypro arrow_forward

Expert Advisory arrow_forward

About Us arrow_forward

Work With Us arrow_forward

Insights arrow_forward

Learning arrow_forward