https://cybercrime.club/tags/credential-harvesting/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usSun, 05 Apr 2026 14:09:32 -0400https://cybercrime.club/posts/malicious-strapi-npm-packages-redis-postgresql-implants/Sun, 05 Apr 2026 14:09:32 -0400https://cybercrime.club/posts/malicious-strapi-npm-packages-redis-postgresql-implants/A coordinated campaign planted 36 fake Strapi CMS plugins on npm that exploit Redis and PostgreSQL instances, harvest credentials, and install persistent C2 implants targeting production infrastructure.Supply Chain