Researchers have disclosed details about a now-patched high-severity security flaw in Packagist, a PHP software package repository, that could have been exploited to mount software supply chain attacks. “This vulnerability allows gaining control of Packagist,” SonarSource researcher Thomas Chauchefoin said in a report shared with The Hacker News. Packagist is used by the PHP package manager