diff --git a/internal/languages/java/detectors/.snapshots/TestJavaString-string b/internal/languages/java/detectors/.snapshots/TestJavaString-string
index bc4c22bf9..cedcbab2c 100644
--- a/internal/languages/java/detectors/.snapshots/TestJavaString-string
+++ b/internal/languages/java/detectors/.snapshots/TestJavaString-string
@@ -363,6 +363,21 @@ children:
   data:
     value: Hello World
     isliteral: true
+- node: 44
+  content: s += "!!"
+  data:
+    value: Hello World!!!
+    isliteral: true
+- node: 57
+  content: s2 += args[0]
+  data:
+    value: hey *
+    isliteral: false
+- node: 67
+  content: s2 += " there"
+  data:
+    value: hey * there
+    isliteral: false
 - node: 38
   content: Greeting + "!"
   data:
diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_assign_eq b/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_assign_eq
index e9818bd76..46d3f41ba 100644
--- a/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_assign_eq
+++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_assign_eq
@@ -181,6 +181,21 @@ children:
                   id: 36
                   range: 6:8 - 6:9
 
+- node: 11
+  content: x += "b"
+  data:
+    value: ab
+    isliteral: true
+- node: 19
+  content: x += name
+  data:
+    value: ab*
+    isliteral: false
+- node: 30
+  content: y += "c"
+  data:
+    value: '*c'
+    isliteral: false
 - node: 6
   content: '"a"'
   data:
diff --git a/internal/languages/php/detectors/.snapshots/TestPHPString-string b/internal/languages/php/detectors/.snapshots/TestPHPString-string
index d8cd6c926..720960508 100644
--- a/internal/languages/php/detectors/.snapshots/TestPHPString-string
+++ b/internal/languages/php/detectors/.snapshots/TestPHPString-string
@@ -1,10 +1,10 @@
 type: program
 id: 0
-range: 1:1 - 15:3
+range: 1:1 - 18:1
 dataflow_sources:
     - 1
     - 2
-    - 100
+    - 117
 children:
     - type: php_tag
       id: 1
@@ -12,7 +12,7 @@ children:
       content: <?php
     - type: class_declaration
       id: 2
-      range: 2:1 - 14:2
+      range: 2:1 - 16:2
       queries:
         - 1
       children:
@@ -25,7 +25,7 @@ children:
           content: Greet
         - type: declaration_list
           id: 5
-          range: 2:13 - 14:2
+          range: 2:13 - 16:2
           children:
             - type: '"{"'
               id: 6
@@ -79,7 +79,7 @@ children:
                   range: 3:35 - 3:36
             - type: method_declaration
               id: 17
-              range: 5:5 - 13:6
+              range: 5:5 - 15:6
               children:
                 - type: visibility_modifier
                   id: 18
@@ -139,7 +139,7 @@ children:
                       range: 5:38 - 5:39
                 - type: compound_statement
                   id: 31
-                  range: 6:5 - 13:6
+                  range: 6:5 - 15:6
                   children:
                     - type: '"{"'
                       id: 32
@@ -431,32 +431,151 @@ children:
                         - type: '";"'
                           id: 97
                           range: 12:24 - 12:25
-                    - type: '"}"'
+                    - type: expression_statement
                       id: 98
-                      range: 13:5 - 13:6
+                      range: 14:9 - 14:33
+                      children:
+                        - type: assignment_expression
+                          id: 99
+                          range: 14:9 - 14:32
+                          alias_of:
+                            - 104
+                          queries:
+                            - 0
+                          children:
+                            - type: variable_name
+                              id: 100
+                              range: 14:9 - 14:12
+                              children:
+                                - type: '"$"'
+                                  id: 101
+                                  range: 14:9 - 14:10
+                                - type: name
+                                  id: 102
+                                  range: 14:10 - 14:12
+                                  content: s3
+                            - type: '"="'
+                              id: 103
+                              range: 14:13 - 14:14
+                            - type: encapsed_string
+                              id: 104
+                              range: 14:15 - 14:32
+                              dataflow_sources:
+                                - 105
+                                - 106
+                                - 107
+                                - 108
+                                - 111
+                                - 112
+                                - 113
+                              children:
+                                - type: '"""'
+                                  id: 105
+                                  range: 14:15 - 14:16
+                                - type: string
+                                  id: 106
+                                  range: 14:16 - 14:21
+                                  content: foo '
+                                - type: '"{"'
+                                  id: 107
+                                  range: 14:21 - 14:22
+                                - type: variable_name
+                                  id: 108
+                                  range: 14:22 - 14:25
+                                  alias_of:
+                                    - 88
+                                  children:
+                                    - type: '"$"'
+                                      id: 109
+                                      range: 14:22 - 14:23
+                                    - type: name
+                                      id: 110
+                                      range: 14:23 - 14:25
+                                      content: s2
+                                - type: '"}"'
+                                  id: 111
+                                  range: 14:25 - 14:26
+                                - type: string
+                                  id: 112
+                                  range: 14:26 - 14:31
+                                  content: ''' bar'
+                                - type: '"""'
+                                  id: 113
+                                  range: 14:31 - 14:32
+                        - type: '";"'
+                          id: 114
+                          range: 14:32 - 14:33
+                    - type: '"}"'
+                      id: 115
+                      range: 15:5 - 15:6
             - type: '"}"'
-              id: 99
-              range: 14:1 - 14:2
+              id: 116
+              range: 16:1 - 16:2
     - type: text_interpolation
-      id: 100
-      range: 15:1 - 15:3
+      id: 117
+      range: 17:1 - 17:3
       dataflow_sources:
-        - 101
+        - 118
       children:
         - type: '"?>"'
-          id: 101
-          range: 15:1 - 15:3
+          id: 118
+          range: 17:1 - 17:3
 
+- node: 12
+  content: '"Hello World"'
+  data:
+    value: Hello World
+    isliteral: true
 - node: 14
   content: Hello World
   data:
     value: Hello World
     isliteral: true
+- node: 52
+  content: $s .= "!!"
+  data:
+    value: '*!!!'
+    isliteral: false
+- node: 74
+  content: $s2 .= $args[0]
+  data:
+    value: hey *
+    isliteral: false
+- node: 88
+  content: $s2 .= " there"
+  data:
+    value: hey * there
+    isliteral: false
 - node: 39
   content: self::Greeting . "!"
   data:
-    value: '**'
+    value: '*!'
+    isliteral: false
+- node: 57
+  content: '"!!"'
+  data:
+    value: '!!'
+    isliteral: true
+- node: 68
+  content: '"hey "'
+  data:
+    value: 'hey '
+    isliteral: true
+- node: 93
+  content: '" there"'
+  data:
+    value: ' there'
+    isliteral: true
+- node: 104
+  content: '"foo ''{$s2}'' bar"'
+  data:
+    value: foo 'hey * there' bar
     isliteral: false
+- node: 46
+  content: '"!"'
+  data:
+    value: '!'
+    isliteral: true
 - node: 59
   content: '!!'
   data:
@@ -472,6 +591,16 @@ children:
   data:
     value: ' there'
     isliteral: true
+- node: 106
+  content: foo '
+  data:
+    value: foo '
+    isliteral: true
+- node: 112
+  content: ''' bar'
+  data:
+    value: ''' bar'
+    isliteral: true
 - node: 48
   content: '!'
   data:
diff --git a/internal/languages/php/detectors/string/string.go b/internal/languages/php/detectors/string/string.go
index 1b77938ab..1993b87dd 100644
--- a/internal/languages/php/detectors/string/string.go
+++ b/internal/languages/php/detectors/string/string.go
@@ -28,10 +28,17 @@ func (detector *stringDetector) DetectAt(
 ) ([]interface{}, error) {
 	switch node.Type() {
 	case "string":
+		value := node.Content()
+		if node.Parent() != nil && node.Parent().Type() != "encapsed_string" {
+			value = stringutil.StripQuotes(value)
+		}
+
 		return []interface{}{common.String{
-			Value:     stringutil.StripQuotes(node.Content()),
+			Value:     value,
 			IsLiteral: true,
 		}}, nil
+	case "encapsed_string":
+		return common.ConcatenateChildStrings(node, detectorContext)
 	case "binary_expression":
 		if node.Children()[1].Content() == "." {
 			return common.ConcatenateChildStrings(node, detectorContext)
diff --git a/internal/languages/php/detectors/testdata/string.php b/internal/languages/php/detectors/testdata/string.php
index 6ddb251ac..395d88ac2 100644
--- a/internal/languages/php/detectors/testdata/string.php
+++ b/internal/languages/php/detectors/testdata/string.php
@@ -10,6 +10,8 @@ public static function main($args)
         $s2 = "hey ";
         $s2 .= $args[0];
         $s2 .= " there";
+
+        $s3 = "foo '{$s2}' bar";
     }
 }
-?>
\ No newline at end of file
+?>
diff --git a/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_assign_eq b/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_assign_eq
index f4346c113..da9671ae1 100644
--- a/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_assign_eq
+++ b/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_assign_eq
@@ -149,6 +149,21 @@ children:
               id: 29
               range: 6:8 - 6:9
 
+- node: 8
+  content: x += "b"
+  data:
+    value: ab
+    isliteral: true
+- node: 15
+  content: x += name
+  data:
+    value: ab*
+    isliteral: false
+- node: 23
+  content: y += "c"
+  data:
+    value: '*c'
+    isliteral: false
 - node: 4
   content: '"a"'
   data:
diff --git a/internal/scanner/detectors/common/string.go b/internal/scanner/detectors/common/string.go
index 442256ba8..1b00c83e9 100644
--- a/internal/scanner/detectors/common/string.go
+++ b/internal/scanner/detectors/common/string.go
@@ -1,8 +1,6 @@
 package common
 
 import (
-	"fmt"
-
 	"github.com/bearer/bearer/internal/scanner/ast/traversalstrategy"
 	"github.com/bearer/bearer/internal/scanner/ast/tree"
 	"github.com/bearer/bearer/internal/scanner/ruleset"
@@ -77,15 +75,7 @@ func ConcatenateChildStrings(node *tree.Node, detectorContext types.Context) ([]
 }
 
 func ConcatenateAssignEquals(node *tree.Node, detectorContext types.Context) ([]interface{}, error) {
-	dataflowSources := node.ChildByFieldName("left").DataflowSources()
-	if len(dataflowSources) == 0 {
-		return nil, nil
-	}
-	if len(dataflowSources) != 1 {
-		return nil, fmt.Errorf("expected exactly one data source for `+=` node but got %d", len(dataflowSources))
-	}
-
-	left, leftIsLiteral, err := GetStringValue(dataflowSources[0], detectorContext)
+	left, leftIsLiteral, err := GetStringValue(node.ChildByFieldName("left"), detectorContext)
 	if err != nil {
 		return nil, err
 	}