@SocketSecurity on Backlist

Supply-chain attack backdoored 700+ Laravel Lang package versions

A widely used community PHP translation ecosystem was compromised across hundreds of historical releases with a remote-code-execution backdoor

by @SocketSecurity (Socket) · backlist 2026-05-23 · rubric 92.0