TI Mindmap HUB
Threat Intelligence Report

Laravel-Lang Supply Chain Attack: Every Tag Across Multiple Composer Packages Rewritten to Steal CI Secrets

๐Ÿ“… May 28, 2026 ๐Ÿ“ฐ www.stepsecurity.io ๐Ÿ” 0 CVE(s) referenced

A threat actor with push access to the Laravel-Lang GitHub organization rewrote every git tag across four widely used Composer packages, causing all installs and updates to deliver a payload that steals CI secrets by exfiltrating them to an attacker-controlled domain.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

๐Ÿ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

๐Ÿ“Š Visual Mindmap
๐ŸŽฏ IOC Extraction
โš”๏ธ MITRE ATT&CK TTPs
๐Ÿ“ฆ STIX 2.1 Bundle