What happened
A new supply chain attack targeting the Strapi ecosystem involved 36 malicious NPM packages published across four accounts and aimed at users of the cryptocurrency payment gateway Guardarian. The packages delivered multiple payloads designed for reverse shell deployment, credential harvesting, database targeting, and persistent access. In one payload, the malware targeted Redis instances to inject crontab entries, deploy PHP webshells and Node.js reverse shells, inject SSH keys, and exfiltrate a Guardarian API module. Another payload attempted to escape Docker containers through overlay filesystem discovery, write shells into host directories, launch a reverse shell, and read Elasticsearch and wallet credentials. The activity appears tailored to Strapi users based on plugin naming, configuration paths, Docker environment targeting, and focus on Linux systems.
Who is affected
The direct exposure affects organizations and developers who installed the malicious Strapi packages, especially environments linked to Guardarian or using similar Strapi deployment patterns. The campaign targeted credentials, wallet files, PostgreSQL databases, Strapi configurations, and other system secrets that could support deeper access or follow-on compromise.
Why CISOs should care
This incident matters because it combines software supply chain compromise with multiple post-installation attack paths, including reverse shells, credential theft, container escape attempts, and persistent implants. It also shows a targeted approach rather than a broad opportunistic spray, with signs that the operator adapted tactics over time after earlier payloads did not work as intended.
3 practical actions
- Identify and remove the malicious packages: Review Strapi-related dependencies for the 36 malicious NPM packages tied to this campaign and remove them from affected environments immediately.
- Rotate exposed secrets: Rotate database passwords, API keys, JWT secrets, SSH keys, wallet credentials, and other secrets stored on systems where the malicious packages may have been installed.
- Review container and host exposure together: Treat Docker environments, host directories, Redis, PostgreSQL, and Elasticsearch as part of one compromise path because the observed payloads attempted to move across those layers.
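The first action above is a dependency audit, and a reliable way to do it is to check the lockfile rather than package.json, since the lockfile records transitive installs too. The script below is an added example, not code from the original article or from Strapi; the package names in its denylist and sample lockfiles are constructed placeholders, because this page does not list the 36 real package names.

```python
import json

# Placeholder denylist. Replace with the campaign's published package names;
# "strapi-plugin-example-malicious" is a constructed name, not a real package.
MALICIOUS_PACKAGES = {"strapi-plugin-example-malicious"}

# Constructed lockfile in the npm v3 layout: a flat "packages" map keyed by
# install path, so nested (transitive) copies appear as their own entries.
SAMPLE_LOCKFILE_V3 = json.dumps({
    "name": "my-strapi-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "my-strapi-app", "version": "1.0.0"},
        "node_modules/@strapi/strapi": {"version": "4.0.0"},
        "node_modules/strapi-plugin-example-malicious": {"version": "1.2.3"},
        "node_modules/some-lib": {"version": "2.0.0"},
        "node_modules/some-lib/node_modules/strapi-plugin-example-malicious": {"version": "1.0.0"},
    },
})

# Constructed lockfile in the older v1 layout: a nested "dependencies" tree.
SAMPLE_LOCKFILE_V1 = json.dumps({
    "lockfileVersion": 1,
    "dependencies": {"a": {"version": "1.0.0", "dependencies": {
        "strapi-plugin-example-malicious": {"version": "0.1.0"}}}},
})


def find_malicious_packages(lockfile_text, denylist=MALICIOUS_PACKAGES):
    """Return sorted (install_path, name, version) tuples for denylisted packages.

    Handles lockfileVersion 2/3 ("packages" map) and lockfileVersion 1
    (nested "dependencies" tree), including transitive installs.
    """
    lock = json.loads(lockfile_text)
    hits = set()
    if "packages" in lock:
        for path, meta in lock["packages"].items():
            if not path:
                continue  # "" is the root project itself
            # Last segment after "node_modules/" keeps scoped names like @scope/pkg
            name = meta.get("name") or path.split("node_modules/")[-1]
            if name in denylist:
                hits.add((path, name, meta.get("version", "?")))
    else:
        def walk(deps, prefix):
            for name, meta in deps.items():
                path = f"{prefix}node_modules/{name}"
                if name in denylist:
                    hits.add((path, name, meta.get("version", "?")))
                walk(meta.get("dependencies", {}), path + "/")
        walk(lock.get("dependencies", {}), "")
    return sorted(hits)
```

Run it against every package-lock.json in the affected repositories and CI caches; a match in a nested path means the package arrived transitively and removing a direct dependency alone will not clear it.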
