Ongoing Supply Chain Attack on Composer Packages

A supply chain attack is ongoing, targeting Composer packages and compromising multiple PHP libraries and frameworks. Attackers are injecting malicious code into open-source dependencies to steal credentials and sensitive data. Users are advised to audit their dependencies and update immediately.