Composer - Tool

Threat entity extracted from intelligence sources

Frequency
9
occurrences
First Seen
March 17, 2026
Last Seen
June 26, 2026

Composer is a tool tracked across 5 threat clusters and 9 intelligence report mentions on ThreatCluster. First observed March 17, 2026; most recent activity June 26, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Packagist is now protected by Aikido Intel and other updates to the PHP registry — Aikido.Dev · June 26, 2026
  • Laravel Lang Supply Chain Advisory — Snyk · May 23, 2026
  • Laravel Lang Packages Hijacked to Deploy Credential-Stealing Malware — Ground.News · May 23, 2026
  • Hackers Compromise Laravel — Gbhackers · May 23, 2026
  • Hackers Compromised 233 Versions of Laravel — Cybersecuritynews · May 23, 2026
  • Packagist Warns: Update Composer Now After GitHub Actions Token Leak — Gbhackers · May 14, 2026
  • Composer 2.9.6 Fixes Two Perforce Command Injection Vulnerabilities — Laravel-News · April 15, 2026
  • 6 Malicious Packagist Themes Ship Trojanized jQuery in OphimCMS Supply Chain Attack — Cybersecuritynews · March 17, 2026

CVSS v3.1 Breakdown