Cryptocurrency Gateway Guardarian Hit by Sophisticated Supply Chain Attack

Guardarian hit by a supply chain attack using malicious NPM packages in Strapi, risking credential theft and system access.

By Content Team

Apr 6, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybercriminals launched a targeted supply chain attack against Guardarian, a cryptocurrency payment gateway, using 36 malicious NPM packages in the Strapi ecosystem. Security firm SafeDep discovered the campaign Friday, revealing attackers deployed multiple payloads capable of Redis code execution, Docker container escapes, and credential theft.

The attack specifically targeted Strapi users through fake plugins that could inject crontab entries, deploy webshells, harvest wallet credentials, and establish persistent access to systems. The attackers showed clear progression - starting with aggressive tactics like Redis attacks, then pivoting to reconnaissance and data collection when initial methods failed.

Users who installed these malicious packages should immediately rotate all credentials, including database passwords, API keys, and JWT secrets stored on their systems.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Pennsylvania Community College Shuts Down After Ransomware Attack Encrypts All Data

Mar 13, 2026

Hackers Using Windows Screensavers to Bypass Security and Install Malware

Feb 5, 2026

Cybercriminals Launch Sophisticated Phishing Attack Targeting LastPass Users

Jan 22, 2026

New 'CrashFix' Scam Intentionally Crashes Browsers to Deliver Malware

Jan 21, 2026