Laravel-Lang Supply Chain Attack
A supply chain attack has compromised the Laravel-Lang repository, rewriting all tags to point to malicious commits. Users running specific Composer commands may inadvertently expose their CI/CD secrets to an attacker-controlled domain. This incident is part of a coordinated campaign affecting multiple Laravel-Lang repositories within a short time frame.
- ▪All tags in the Laravel-Lang repository have been rewritten to point to malicious commits.
- ▪Running 'composer require laravel-lang/http-statuses' or 'composer update' can exfiltrate CI/CD secrets.
- ▪The attack occurred on May 22, 2026, within a 15-minute window.
Opening excerpt (first ~120 words) tap to expand
Laravel-Lang / http-statuses Public Uh oh! There was an error while loading. Please reload this page. Notifications You must be signed in to change notification settings Fork 25 Star 28 Code Issues 1 Pull requests 1 Actions Security and quality 0 Insights Additional navigation options Code Issues Pull requests Actions Security and quality Insights {"payload":{"preloaded_records":{},"structured_data":{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Security: All repository tags have been rewritten to point to malicious commits","articleBody":"## Summary\n\nAll tags in this repository have been rewritten to point to malicious commits.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at GitHub.