> TritonInfoSec News

Home / Apr 05, 2026 / Story

#2 The Hacker News general April 05, 2026 at 05:07 UTC

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

By [email protected] (The Hacker News)

AI Summary

Researchers discovered 36 malicious npm packages disguised as Strapi CMS plugins that exploit Redis and PostgreSQL databases, deploy reverse shells, harvest credentials, and install persistent implants. Each package contains three files (package.json, index.js, postinstall.js) with no description or repository information, targeting developers through supply chain attacks. This highlights the ongoing threat to JavaScript development environments through compromised package repositories.

Read full article → https://thehackernews.com/2026/04/36-malicious-npm…

Relevance score: 92.0/100

Sponsored

Protect Your Business

Expert cybersecurity solutions to safeguard your organization from evolving threats.

Get Protected →

# More from April 05

1
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS The Hacker News
3
Axios npm hack used fake Teams error fix to hijack maintainer account BleepingComputer
4
European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack SecurityWeek
5
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data BleepingComputer
6
Device code phishing attacks surge 37x as new kits spread online BleepingComputer
7
TrueConf Zero-Day Exploited in Asian Government Attacks SecurityWeek
8
React2Shell Exploited in Large-Scale Credential Harvesting Campaign SecurityWeek
9
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images The Hacker News
10
CERT-EU: European Commission hack exposes data of 30 EU entities BleepingComputer