Ransomware & Malware
36 Fake npm Strapi Plugins Slip Redis and Postgres Backdoors into Dev Pipelines
Imagine firing up npm install for a quick Strapi tweak, only to hand attackers your database keys and a persistent foothold. That's the nightmare 36 malicious packages just unleashed on unsuspecting devs.