Posts tagged with 'supply chain' - Freek Van der Herten's blog on Laravel, PHP and AI

Posts tagged with supply chain

An Update on Composer & Packagist Supply Chain Security

May 27th 2026 – blog.packagist.com

Composer and Packagist share a solid overview of the supply chain security work already in place, what is shipping now, and what is coming next. Worth reading if you maintain PHP packages or care about how the ecosystem is hardening against package compromise.

A GitHub Issue Title Compromised 4,000 Developer Machines

Mar 16th 2026 – grith.ai

A deep dive into "Clinejection", where an attacker injected a prompt into a GitHub issue title, which an AI triage bot interpreted as an instruction. The resulting chain led to cache poisoning, credential theft, and a compromised npm package that silently installed a second AI agent on 4,000 developer machines.

Read more [grith.ai]

All posts tagged with supply chain.

I'm a Laravel developer at Spatie and Oh Dear. I maintain 300+ open source packages for the Laravel community.

Follow on X

Oh Dear monitors your entire website, so you don't have to. Uptime, SSL certificates, broken links, scheduled tasks, DNS, and more — all in one place.

Get instant notifications when something breaks, paired with a developer friendly API and thorough documentation.

Create a public status page in under a minute. Start your free trial.