New Blog: Mini Shai-Hulud "Miasma" Hits @redhat-cloud-services: 32 Packages at Risk
Edit Calendar Icon 1 Jun 2026
SafeDep Logo

Strapi Plugin C2 Campaign

discovered 2026-04-03
JSON CSV

36 npm packages impersonating Strapi plugins that deploy Redis RCE, steal databases and maintain persistent command and control.

Objective

Establish persistent C2 and exfiltrate databases from Strapi deployments.

Packages

Indicators

Techniques

Read the full analysis →