packagist1 articles

Supply Chain Attack Hits Packagist: Eight PHP Packages Compromised via GitHub-Delivered Malware

Eight packages on Packagist, the primary dependency registry for PHP projects, were quietly backdoored in a supply chain attack that used GitHub infrastructure to serve Linux malware.