Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised,
PHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date.
“The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes,” Packagist’s Nils Adermann said
“The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes,” Packagist’s Nils Adermann said
,
PHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date.
“The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes,” Packagist’s Nils Adermann said
“The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes,” Packagist’s Nils Adermann said
, ,
https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html