Nils Adermann
@naderman
7.7K posts

Co-Founder of @packagist / https://t.co/J7OZsciXbE and Co-Creator of #composerphp - he/him - @[email protected]

Berlin, Germany · Joined January 2008
1.2K Following · 5.2K Followers
Nils Adermann @naderman
@enunomaduro @packagist @npmjs Automatic CI actions build releases and push them, or in PHP you do a git tag. This appears as a staged (hidden) release on the registry. The maintainer then needs to publish it with 2FA.
Nils Adermann retweeted
Fabien Potencier @fabpot
As an OSS maintainer, my new rule is that anything a frontier model can find with some reasonable effort is a 0-day. Hence why I'm now shipping security releases on public holidays.
Nils Adermann @naderman
@mitsuhiko They kept pushing new commits and tags even while we were already aware. Had to entirely remove the package on the registry to put an end to us redistributing the malware that is still present on GitHub now.
Nils Adermann @naderman
@mitsuhiko My impression is attacks on IDE plugins are enabling this. When attackers can just push commits & tags to legit repos, what safeguarded PHP Composer/Packagist and Go just falls apart. Wish I had had a way yesterday to get GitHub to block pushes to the repos
Nils Adermann retweeted
Aikido Security @AikidoSecurity
🚨 Ongoing supply chain attack on Composer packages! We just found multiple laravel-lang/* packages compromised on Packagist (lang, http-statuses, attributes). Payload runs at autoload time. At least 50 package versions were compromised. If you installed a compromised version, the malware already executed. Pin to a clean COMMIT (not version) and rotate secrets immediately. If your lockfile already had an older commit from before today, you are safe. But you should not update at the moment.
Nils Adermann retweeted
Brent @brendt_gd
Be honest: you want one, right? Here's what you do: register for PHPverse and retweet this tweet and you might get one delivered to you 😎
Nils Adermann @naderman
@PeterJThomson @packagist We will add such an option. However that is both more difficult than we had hoped - we need to first ensure attackers cannot control release datetimes through git tags - and less relevant in PHP because PHP packages are git exported zips and no deps are present during builds
Peter Thomson @PeterJThomson
@packagist Can we get a “standdown” option in Composer? Some sort of latest but it needs to be x hours since initial publish? NPM added it recently and it really helps slow rapid propagation of supply chain attacks.
Nils Adermann retweeted
Packagist @packagist
If you haven't updated Composer to 2.9.8 or 2.2.28 (LTS), do so urgently! GitHub will restart the rollout of their new GitHub Actions tokens later today. They've improved secret masking to cover this Composer issue, but you're safer if you update. #composerphp #php #phpc
Quoted post by Packagist @packagist:
🚨 Security advisory: Composer 2.9.8 and 2.2.28 are out and fix a vulnerability leaking GitHub Actions new format GITHUB_TOKENs into job logs via error messages. Update now (composer self-update) or disable affected Actions workflows. #composerphp #phpc #php
Nils Adermann retweeted
Armin Ronacher ⇌ @mitsuhiko
If you get Shai Hulud, the minimum I want to see is a comment about what you're going to do to prevent it going forward. Just linking to a security advisory is not going to cut it for me to feel confident.
Nils Adermann retweeted
Jordi Boggiano @seldaek
It took us a bit longer than expected but after over a month of discussions and rewrites, Composer 2.10 RC2 is now available for testing with a new policy config and detected malware now blocked by default on install. github.com/composer/compo… #composerphp #phpc
Nils Adermann retweeted
Fabien Potencier @fabpot
During the last few weeks, the #Symfony core team has been hard at work fixing a long list of vulnerabilities for both #Symfony and #Twig. Today, we're publishing that work in the biggest security patch releases ever. Bear with us and wish us luck 🍀
Nils Adermann retweeted
GitHub @github
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
Nils Adermann @naderman
@JonPurvis_ @packagist Not yet, pushing 2.10 out first now. Unfortunately the min release flag is a bit more difficult to implement because it requires more involved changes on packagist.org to ensure attackers cannot control the release date time and circumvent any client side settings.
Jon Purvis @JonPurvis_
@naderman @packagist Definitely looking forward to the min release flag! Any idea on when it will be available?
Raj Siva-Rajah @binaryfire
PHP is wide open to Shai-Hulud supply chain attacks atm. E.g. a malicious version of `intercom/intercom-php` was published on @packagist on April 30th. I'd advise holding off on running `composer update` until Composer ships their registry-backed minimum release age feature.
Nils Adermann retweeted
Packagist @packagist
Three months of Private Packagist updates: Malware filter list support already in place, ahead of Composer 2.10's release next week. Plus a new package permissions tab, better background job visibility, and a narrower GitLab OAuth scope. Link 👇 #php #phpc #composerphp
Nils Adermann retweeted
Ivan Burazin @ivanburazin
Docker in Docker is something almost no sandbox provider supports. For RL workloads specifically, being able to spin up a Docker Compose or a K3S cluster inside a sandbox unlocks an enormous range of workflows that simply don't work anywhere else. That alone has been a meaningful wedge into the research + RL customer segment.