Researchers identified multiple coordinated software supply chain attacks targeting Composer/Packagist packages and upstream GitHub repositories. The activity involved malicious postinstall hooks, compromised Git tags, CI/CD payload execution, and credential-stealing malware d...

Researchers identified multiple coordinated software supply chain attacks targeting Composer/Packagist packages and upstream GitHub repositories. The activity involved malicious postinstall hooks, compromised Git tags, CI/CD payload execution, and credential-stealing malware d...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/supply-chain-campaign-targeting-composer-and-github-repositories