Threat Intelligence Report

Laravel Lang Compromised with RCE Backdoor Across 700+ Versions

📅 May 23, 2026 📰 socket.dev 🔍 0 CVE(s) referenced

A sophisticated supply chain attack on Laravel Lang localization packages has deployed a stealthy, automated PHP backdoor across 700+ versions, enabling remote code execution and mass exfiltration of cloud, CI/CD, developer, and application secrets from compromised systems.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle