Cybersecurity & Data Protection
5
UPVOTE
thehackernews.com

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL exploitation, deploy reverse shells, harvest credentials, and drop a persistent implant. "Every package contains three files (package.json, index.js, postinstall.js), has no description, repository,
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
TN

The Hacker News

19d ago
5 0

Discussion

Begin the discussion

Begin something meaningful by sharing your ideas.

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

virdung

BatCat

BatCatUpvoted 19d ago54 comments · 168 shares
marcus_allen237

Marcus Allen

Marcus AllenUpvoted 19d ago0 comments · 25 shares
ferrari592

NightCurator

NightCuratorUpvoted 19d ago4 comments · 56 shares
MA

SariMartinez

SariMartinezUpvoted 19d ago1 comments · 10 shares
KH

Lars Khan

Lars KhanUpvoted 19d ago2 comments · 26 shares

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

bleepingcomputer.com
DORA and operational resilience: Credential management as a fin…

Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach…
Noor Bakker

Noor Bakker

2026-04-24 17:09
0
thehackernews.com
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. …

The Office of Inspector General (OIG) of the U. S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U. S. re…
NightCurator

NightCurator

36m ago
0
schneier.com
Hiding Bluetooth Trackers in Mail

It was used to track a Dutch naval ship: Dutch journalist Just Vervaart, working for regional media network Omroep Gelderland, followed the directions posted o…
SS

Schneier on Security

40m ago
0
thehackernews.com
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy …

Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitat…
TN

The Hacker News

4h ago
0
thehackernews.com
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Discl…

A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild…
SA

SariMartinez

7h ago
0
darkreading.com
Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets

The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in tools, victimology, and TTPs.
DR

Dark Reading

7h ago
0

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Cybersecurity & Data Protection.

Browse Topics

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

thehackernews.com
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. …

The Office of Inspector General (OIG) of the U. S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U. S. re…
NightCurator

NightCurator

36m ago
0
thehackernews.com
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy …

Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitat…
TN

The Hacker News

4h ago
0
thehackernews.com
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Discl…

A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild…
SA

SariMartinez

7h ago
0
thehackernews.com
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy …

A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a cust…
Marcus Allen

Marcus Allen

19h ago
0
thehackernews.com
Malicious KICS Docker Images and VS Code Extensions Hit Checkma…

Cybersecurity researchers have warned of malicious images pushed to the official "checkmarx/kics" Docker Hub repository. In an alert published today, software…
EK

Emma Klein

1d ago
0
thehackernews.com
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privileg…

Microsoft has released out-of-band updates to address a security vulnerability in ASP. NET Core that could allow an attacker to escalate privileges. The vulner…
TN

The Hacker News

2d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest