PHP Packagist supply chain poisoned by hacker “looking for a job” – Naked Security
Packagist is a repository where community contributors can publish details of PHP packages they’ve created, making it easy for fellow PHP coders to get hold of library code they want to use in their own projects, and to keep that code up to date automatically if they wish. Packagist links to, but doesn’t itself keep copies…