Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
04 March 2026
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that's functional on Windows, macOS, and Linux systems.
The names of the packages are listed below -
nhattuanbl/lara-helper (37 Downloads)
nhattuanbl/simple-queue (29 Downloads)
nhattuanbl/lara-swagger (49 Downloads)