Composer vulnerability leaks GitHub tokens, threatens PHP supply chain

Update May 13th: GitHub has temporarily rolled back the new token format rollout. According to the Composer maintainers, that leaves a few days to update Composer in CI before the rollout resumes n…

Read Full Article on Sansec.io →