The Hacker News
@thehackernews
�� 36 npm packages posing as Strapi plugins were used to deliver malware that runs on install.
They exploited Redis and PostgreSQL, stole credentials, and deployed backdoors via postinstall scripts with full user or CI/CD access.
�� Details → https://thehackernews.com/2026/04/36-malicious-npm-packages-exploited.html
They exploited Redis and PostgreSQL, stole credentials, and deployed backdoors via postinstall scripts with full user or CI/CD access.
�� Details → https://thehackernews.com/2026/04/36-malicious-npm-packages-exploited.html
🤯 10
😱 9
👍 3
🔥 1
31 9.2K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram