{"id":254737,"date":"2026-05-25T05:27:00","date_gmt":"2026-05-25T09:27:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/25\/hijacked-laravel-packages-turned-into-silent-malware-delivery-system\/"},"modified":"2026-05-25T07:10:18","modified_gmt":"2026-05-25T11:10:18","slug":"hijacked-laravel-packages-turned-into-silent-malware-delivery-system","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/25\/hijacked-laravel-packages-turned-into-silent-malware-delivery-system\/","title":{"rendered":"Hijacked Laravel packages turned into silent malware delivery system"},"content":{"rendered":"<p><a href=\"https:\/\/www.escudodigital.com\/en\/cybersecurity\/hijacked-laravel-packages-turned-into-silent-malware-delivery-system.html\">Hijacked Laravel packages turned into silent malware delivery system<\/a><\/p>\n<p><a href=\"https:\/\/www.escudodigital.com\/en\/cybersecurity\/hijacked-laravel-packages-turned-into-silent-malware-delivery-system.html\">https:\/\/www.escudodigital.com\/en\/cybersecurity\/hijacked-laravel-packages-turned-into-silent-malware-delivery-system.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-25 05:27:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.escudodigital.com\">www.escudodigital.com<\/a><\/p>\n<p>A sophisticated attack has once again affected commonly used packages within the <strong>Laravel ecosystem<\/strong>. However, this time the concerning aspect is not just the infection itself, but the method employed: the attackers managed to <strong>introduce malicious code without directly modifying the project&#8217;s main code.<\/strong><\/p>\n<p>This cyberattack, documented by various security firms and detailed in the provided material, has raised alarms among developers and specialists.<\/p>\n<p>The operation has allowed the <strong>distribution of a silent malware<\/strong> designed to steal credentials, private keys, and extremely <strong>sensitive data on Windows, Linux, and macOS systems.<\/strong><\/p>\n<h2>What is Laravel and why is it so important<\/h2>\n<p>Laravel is one of the <strong>most popular web development frameworks in the PHP ecosystem<\/strong>. Its goal is to facilitate the creation of applications and online services through tools that simplify complex processes such as authentication, database management, routing, or security.<\/p>\n<p>Created in 2011 by Taylor Otwell, Laravel has become a <strong>reference among programmers<\/strong> and companies thanks to its intuitive structure and a large community of developers.<\/p>\n<p>Currently, thousands of projects use Laravel, from small platforms to large corporate applications and digital services.<\/p>\n<p>Precisely because of its popularity, any incident affecting components related to this environment can<strong> quickly spread across thousands of systems.<\/strong><\/p>\n<h2>The attack did not affect the official core of Laravel<\/h2>\n<p>One of the most relevant aspects is that the attack did not compromise the official project. The affected packages belonged to Laravel Lang, a set of third-party packages specialized in translations and localization used by numerous developers to adapt applications to different languages. Among them were:<\/p>\n<ul>\n<li>laravel-lang\/lang<\/li>\n<li>laravel-lang\/http-statuses<\/li>\n<li>laravel-lang\/attributes<\/li>\n<li>Possibly laravel-lang\/actions<\/li>\n<\/ul>\n<p>Although these packages are external to the Laravel core, they have a significant installation base.<\/p>\n<p>Researchers&#8230;<\/p>\n<p><a href=\"https:\/\/www.escudodigital.com\/en\/cybersecurity\/hijacked-laravel-packages-turned-into-silent-malware-delivery-system.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hijacked Laravel packages turned into silent malware delivery system https:\/\/www.escudodigital.com\/en\/cybersecurity\/hijacked-laravel-packages-turned-into-silent-malware-delivery-system.html Publish Date: 2026-05-25 05:27:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":254738,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/d3fkdmlbzjtjd3.cloudfront.net\/articulos\/articulos-78473.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[32,57],"class_list":["post-254737","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-malware","tag-security"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/254737"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=254737"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/254737\/revisions"}],"predecessor-version":[{"id":254739,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/254737\/revisions\/254739"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/254738"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=254737"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=254737"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=254737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}