Php news

Several popular Laravel-Lang PHP packages were compromised in a software supply chain attack. Malicious code was injected to deliver a credential-stealing malware, posing a significant risk to applications using these packages and potentially exposing sensitive login information.

Multiple high-severity vulnerabilities have been discovered in PHP. These include a flaw in the PDO Firebird driver that could lead to SQL injection attacks and an issue in the mbstring extension that could expose sensitive information. These vulnerabilities affect a wide range of web applications.