C2

Supply Chain 2026-04-05
36 Malicious npm Packages Disguised as Strapi Plugins Deploy Redis Exploits, PostgreSQL Credential Harvesting, and Persistent Implants
A coordinated campaign planted 36 fake Strapi CMS plugins on npm that exploit Redis and PostgreSQL instances, harvest credentials, and install persistent C2 implants targeting production infrastructure.
supply-chain npm strapi redis postgresql credential-harvesting c2
2026-04-02
Dead Drops on the Chain: Why Blockchain Became the C2 Infrastructure Defenders Can't Take Down
From EtherHiding to CanisterWorm to GlassWorm — attackers spent three years systematically proving that blockchain is the unkillable C2 channel. Here's how each technique works and what you can actually do about it.
blockchain c2 supply-chain malware icp solana ethereum detection defense threat-intelligence
supply-chain 2026-03-30 Critical
CanisterWorm and GlassWorm: Two Independent Supply Chain Attacks Using Blockchain as C2
Both attacks use blockchain infrastructure — ICP and Solana respectively — as command-and-control channels. Trivy itself was compromised.
supply-chain blockchain trivy npm rust-crates c2

36 Malicious npm Packages Disguised as Strapi Plugins Deploy Redis Exploits, PostgreSQL Credential Harvesting, and Persistent Implants