Supply Chain Attacks Target Laravel and Charter Communications — BleepingComputer

A significant supply chain attack has compromised Laravel Lang localization packages, deploying credential-stealing malware affecting developers. Concurrently, Charter Communications confirmed a data breach threatening exposure of 42 million records. These incidents underscore vulnerabilities in software supply chains and the critical need for stringent security measures to protect sensitive data and prevent unauthorized access.

• Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software [The Hacker News]
• npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks [The Hacker News]
• Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV [The Hacker News]
• LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root [The Hacker News]