exakat@lemmy.world to

PHP@lemmy.worldEnglish · 15 days ago

Malicious JS Lifecycle Hooks Found Hiding Inside PHP Composer Packages

securityonline.info

6

8

Malicious JS Lifecycle Hooks Found Hiding Inside PHP Composer Packages

securityonline.info

exakat@lemmy.world to

PHP@lemmy.worldEnglish · 15 days ago

6

Socket exposes a clever cross-ecosystem supply chain attack targeting PHP packages by hiding a malicious JS postinstall backdoor inside package.json.

Chat

exakat@lemmy.worldOP
link
fedilink
English
arrow-up
1·
13 days ago
Another source for this info: https://socket.dev/blog/malicious-postinstall-hook-found-across-700-github-repos

PHP@lemmy.world

php@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !php@lemmy.world

<?

namespace lemmy\php;

/*

Welcome to the PHP community on Lemmy

#Rules:

1: Soon™

#Helpful stuff:

PHP Documentation

#Common frameworks:

*/

echo “Welcome”;

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

3 users / day
12 users / week
53 users / month
109 users / 6 months
1 local subscriber
417 subscribers
121 Posts
20 Comments
Modlog

mods:
Madpeter@lemmy.world