A campaign involving 36 malicious npm packages disguised as plugins for the Strapi CMS has exposed how easily attackers can weaponize the open source software supply chain. The packages were designed to exploit Redis and PostgreSQL, deploy reverse shells, steal credentials, and install persistent implants on compromised systems.
Malicious npm packages masquerading as Strapi plugins
According to research by SafeDep, each rogue package followed the same minimal structure: just three files—package.json, index.js, and postinstall.js. The publications lacked descriptions, repository links, or homepages, but all were set to version 3.6.8 to impersonate mature community plugins compatible with Strapi v3.
The packages used a consistent naming convention: the prefix “strapi-plugin-“ followed by terms such as “cron”, “database”, or “server”. This pattern closely mirrors legitimate community plugins and increases the likelihood that developers will mistake them for trusted extensions.
Crucially, official Strapi plugins are published under the @strapi/ namespace. The absence of this namespace is a key indicator that these npm modules are not part of the official ecosystem, and should be treated with suspicion.
The 36 packages were uploaded over roughly 13 hours using four disposable npm accounts: “umarbek1233”, “kekylf12”, “tikeqemif26”, “umar_bektembiev1”. This rapid-fire publishing pattern is typical of supply chain campaigns that aim to infect as many targets as possible before the ecosystem or security vendors can react and remove the artifacts.
Technical analysis of the npm malware campaign
Abuse of postinstall scripts for stealthy code execution
The core malicious functionality resided in the postinstall script, which runs automatically whenever “npm install” is executed. This lifecycle script is triggered without explicit user approval and inherits the privileges of the account performing the installation. In CI/CD pipelines, container builds, or root-level deployments, this can grant attackers extensive control over the environment.
This technique underscores a systemic weakness in the npm ecosystem: any package with lifecycle scripts can execute arbitrary code at install time, turning the software supply chain itself into a high‑value attack vector.
From aggressive exploitation to stealthy persistence
SafeDep identified eight distinct payload variants used throughout the campaign, revealing an evolution in attacker tactics:
1. Initial aggressive exploitation: early payloads attempted remote code execution (RCE) via Redis and included Docker escape techniques to break out of containers and compromise the host operating system.
2. Environment reconnaissance and profiling: after limited success with direct exploitation, the attackers shifted toward detailed environment inventory, collecting system data and configuration details to better understand the target infrastructure.
3. Direct database access via hard‑coded credentials: later iterations contained embedded usernames, passwords, and hostnames for PostgreSQL, enabling the attackers to connect directly to databases and bypass the application layer entirely.
4. Persistence, reverse shells, and credential theft: final payloads prioritized installing a persistent implant, establishing reverse shell access, and systematically harvesting sensitive credentials and secrets.
The focus on database access, digital assets, and hard‑coded connection parameters suggests that the campaign was likely targeted at a cryptocurrency platform or fintech service, where direct control over data and keys can rapidly translate into financial gain.
Open source software supply chain attacks: context and trends
The discovery of these fake Strapi plugins fits into a broader surge in open source software supply chain attacks. A February 2026 report by Group-IB describes supply chain intrusions as a “dominant force shaping the global cyber threat landscape,” enabling adversaries to gain inherited access to multiple organizations through a single compromised dependency or vendor.
Package repositories such as npm and PyPI have become priority targets. Attackers routinely abuse stolen maintainer credentials, automated worms that poison large numbers of libraries, and malicious code inserted directly into build processes. As a result, CI/CD pipelines are increasingly being weaponized as large-scale distribution channels for malware.
The danger of these attacks lies in their amplification effect: a single compromised package can create cross‑border, multi‑tenant impact, simultaneously affecting software vendors, their customers, and downstream partners that consume the same dependencies.
Defensive measures for developers and organizations
Teams that have installed any of the identified packages should assume compromise and immediately rotate all credentials, including database passwords, API keys, and CI/CD secrets. It is essential to review logs for anomalous activity, investigate outbound connections, and redeploy critical services from trusted, verified images.
To reduce exposure to future supply chain attacks, organizations should:
1. Enforce strict dependency validation. Verify namespaces (for Strapi, only trust @strapi/), source repositories, version history, and download volumes. Avoid packages that lack clear descriptions, maintainers, or provenance.
2. Control lifecycle scripts. In sensitive environments, install dependencies with lifecycle scripts disabled (for example, npm install –ignore-scripts) and conduct targeted reviews of any packages that require install-time execution.
3. Use Software Composition Analysis and internal mirrors. Deploy SCA tools to map and monitor all open source components, maintain internal npm mirrors, and implement allowlists/denylists for approved dependencies.
4. Harden CI/CD and container security. Minimize the use of root inside containers, apply least-privilege access to pipelines, segregate build and runtime environments, and regularly rotate secrets stored in orchestration platforms.
The use of malicious npm packages disguised as popular Strapi plugins demonstrates that every phase of modern software delivery—from development to deployment—is now a viable attack surface. Development teams and security leaders should treat dependency management with the same rigor as production hardening: verify trust, inspect source code where feasible, and implement layered defenses around the entire software supply chain.
