The Hacker News - Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. "The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes," Packagist's Nils Adermann said
from The Hacker News https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html
from The Hacker News https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html
Comments
Post a Comment