Cybersecurity researchers have flagged malicious Packagist PHP
packages masquerading as Laravel utilities that act as a conduit
for a cross-platform remote access trojan (RAT) that's functional
on Windows, macOS, and Linux systems. The names of the packages are
listed below - nhattuanbl/lara-helper (37 Downloads)
nhattuanbl/simple-queue (29 Downloads) nhattuanbl/lara-swagger (49
Downloads)
Read more https://thehackernews.com/2026/03/fake-laravel-packages-on-packagist.html
