Malicious Packagist packages masquerading as Laravel helper utilities are delivering an obfuscated PHP remote access trojan (RAT) that grants full remote control over compromised hosts. Two of these, nhattuanbl/lara-helper and nhattuanbl/simple-queue, embed a byte‑for‑byte identical RAT payload in src/helper.php. A third package, nhattuanbl/lara-swagger, appears benign but hard‑depends on lara-helper, ensuring the malware is installed transitively whenever developers require the swagger utility. […]

The post Malicious Laravel Packages Deploy PHP RAT, Grant Remote Access to Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/malicious-laravel-packages/