Cybersecuritynews
Supply Chain Attack: Malicious Laravel Packages Deploy PHP RAT
First seen 4 Mar 2026, 06:09 UTC
•



•85% similarity
•40.3
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A supply chain attack has targeted the PHP developer community via Packagist, where threat actor nhattuanbl published malicious packages disguised as Laravel utility libraries. These packages contain a fully functional remote access trojan (RAT), allowing attackers to gain silent and persistent control over systems that install them.
ThreatCluster AI
Timeline
2026-03-04
Malicious packages discovered on Packagist
2026-03-04
Threat actor nhattuanbl identified as the source
Date unknown
Attackers gain control over affected systems