1. Packagist Issues Critical Update Warning as GitHub Actions Token Leak Exposes Supply Chain Risk
The Packagist team has issued an urgent call for users to update their Composer installations immediately following the discovery of a GitHub Actions token leak that could expose the PHP package ecosystem to supply chain attacks. Socket, the software supply chain security firm that first reported the incident, warned t...