
Supply Chain Campaign Targeting Composer and GitHub Repositories (Campaign)

ID: 424b6485-9fcd-5f0b-bec5-cf5af0a1c323

STIX ID: report--424b6485-9fcd-5f0b-bec5-cf5af0a1c323

Feed Name: Wiz Cloud Threat Landscape

Threat Score: 90/100

Date Published: 2026-05-24

Date Updated: 2026-05-29

Author: Wiz Threat Research


Researchers reported large-scale software supply chain attacks targeting Packagist/Composer packages and upstream GitHub repositories. The attackers inserted malicious postinstall hooks and modified Composer autoload via rewritten Git tags to execute credential-stealing malware, exfiltrate CI and developer secrets, and compromise CI/CD pipelines. The campaign impacted hundreds of GitHub repositories and multiple popular Laravel-related packages.
