1
Threat Overview
Malicious tags were introduced into Laravel-Lang packages to exfiltrate CI secrets, affecting users who installed the compromised packages. The attack vector is compromised open-source packages, which makes this a software supply chain attack.
2
Key Intelligence Points
1. Malicious tags were introduced into Laravel-Lang packages to exfiltrate CI secrets.
2. The attack affected users who installed the compromised packages, with a specific focus on CI secrets exfiltration.
3. The attack chain involves introducing malicious tags into open-source packages, which then affect users who install the compromised packages.
4. Detection opportunities include monitoring for suspicious network traffic related to CI secrets exfiltration.
3
MITRE ATT&CK Techniques
T1190 - Spyware
4
Mitigation & Detection
Update to a non-compromised version of the Laravel-Lang package and monitor for suspicious network traffic related to CI secrets exfiltration.
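
One way to find out which Laravel-Lang versions a project is actually locked to before updating. This is an added example, not code from the Laravel-Lang project or from this report. The package names, versions, commit references and the KNOWN_BAD list are constructed placeholders, because the report names no affected versions.

```python
import json

# Constructed sample composer.lock content; names, versions and refs are made up.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "laravel-lang/example-pkg", "version": "0.0.1-placeholder",
         "source": {"type": "git", "reference": "aaaaaaaa"}},
        {"name": "othervendor/library", "version": "0.0.0-sample",
         "source": {"type": "git", "reference": "bbbbbbbb"}},
    ],
    "packages-dev": [
        {"name": "Laravel-Lang/example-dev", "version": "0.0.2-placeholder",
         "source": {"type": "git", "reference": "cccccccc"}},
    ],
})

# Placeholder denylist of (package, tag) pairs; fill it in from the vendor advisory.
KNOWN_BAD = frozenset({("laravel-lang/example-pkg", "0.0.1-placeholder")})


def audit_lock(lock_text, vendor="laravel-lang/", known_bad=frozenset()):
    """List every locked package from `vendor`, flagging denylisted tags.

    composer.lock stores the commit a tag resolved to at install time in
    source.reference, so the reference is reported next to the tag name:
    the same tag can resolve to different commits at different times.
    """
    lock = json.loads(lock_text)
    findings = []
    # Dev dependencies matter here: CI jobs usually install them too.
    for section in ("packages", "packages-dev"):
        for pkg in lock.get(section, []):
            name = pkg.get("name", "").lower()  # package names are case-insensitive
            if not name.startswith(vendor):
                continue
            version = pkg.get("version", "")
            findings.append({
                "name": name,
                "version": version,
                "reference": (pkg.get("source") or {}).get("reference", ""),
                "section": section,
                "flagged": (name, version) in known_bad,
            })
    return findings


if __name__ == "__main__":
    for f in audit_lock(SAMPLE_LOCK, known_bad=KNOWN_BAD):
        print(("BAD " if f["flagged"] else "ok  "), f["name"], f["version"], f["reference"])
```

A flagged entry means the CI jobs that installed that lock file should have their secrets rotated, in addition to the package being updated.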