Experts disclosed a flaw in the PHP software package repository Packagist that could have been exploited to carry out supply chain attacks. SonarSource Researchers disclosed details about a now-fixed vulnerability (CVE-2022-24828) in PHP software package repository Packagist,, that could have been exploited to carry out supply chain attacks.
Read full article on Security Affairs