Tag
A threat actor published 36 malicious NPM packages disguised as Strapi plugins in a supply chain attack, designed to execute code, escape containers, harvest credentials, and establish persistent implants on Linux systems targeting Strapi users, with specific focus on the Guardarian cryptocurrency payment gateway.