Laravel Lang packages hijacked to deploy credential-stealing malware

Hackers hijacked popular Laravel translation packages (laravel-lang) to inject credential-stealing malware. The compromised packages, hosted on GitHub and Packagist, targeted developers by stealing environment variables, database credentials, and API keys. Users are advised to update to the latest patched versions immediately.