Someone Is Phishing for PHPUnit in Sites

Someone keeps phishing for phpunit presence on sites by doing post and get requests for wordpress, laravel, and other typical php project paths, including a CloudFlare plugin. This is the path they are asking for from our logs:

“vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"

Is there a vulnerability people need to watch out for?