diff --git a/composer.json b/composer.json
index 3c22443..45fffe4 100644
--- a/composer.json
+++ b/composer.json
@@ -30,7 +30,7 @@
         "ua-parser/uap-php": "^3.9.14"
     },
     "require-dev": {
-        "phpunit/phpunit": "^9.6",
+        "phpunit/phpunit": "^11.3",
         "squizlabs/php_codesniffer": "^3.7",
         "symbiote/silverstripe-queuedjobs": "^6",
         "silverstripe/standards": "^1",
diff --git a/tests/php/Control/LoginSessionControllerTest.php b/tests/php/Control/LoginSessionControllerTest.php
index 73c5d07..371b02f 100644
--- a/tests/php/Control/LoginSessionControllerTest.php
+++ b/tests/php/Control/LoginSessionControllerTest.php
@@ -17,6 +17,7 @@
 use SilverStripe\SessionManager\Control\LoginSessionMiddleware;
 use SilverStripe\SessionManager\Controllers\LoginSessionController;
 use SilverStripe\SessionManager\Models\LoginSession;
+use PHPUnit\Framework\Attributes\DataProvider;
 
 class LoginSessionControllerTest extends FunctionalTest
 {
@@ -113,7 +114,7 @@ public function testBadSecurityID()
         );
     }
 
-    public function badIDs()
+    public static function badIDs()
     {
         return [
             'No ID' => [''],
@@ -123,8 +124,8 @@ public function badIDs()
 
     /**
      * @param $id
-     * @dataProvider badIDs
      */
+    #[DataProvider('badIDs')]
     public function testBadID($sessionID)
     {
         $token = SecurityToken::inst()->getValue();