Laravel Lang Supply Chain Advisory
Source: Snyk
Published:
<p>On May 22 and May 23, 2026, an attacker republished hundreds of malicious versions under historical release tags for four community-maintained Laravel localization libraries that are published on Packagist under the laravel-lang namespace.</p> <p>The poisoned releases did not originate from the o