36 Malicious npm Packages Target Guardarian Infrastructure via Strapi Plugins

📰 Dev.to · BeyondMachines

A coordinated supply chain attack involving 36 malicious npm packages targeted the cryptocurrency platform Guardarian to steal database credentials and wallet keys. The campaign exploited Redis and Docker vulnerabilities to deploy persistent, fileless backdoors on production Strapi CMS servers.

Published 5 Apr 2026
Read full article → ← Back to Reads