Bad Actor Drops 36 Malicious Packages in npm, Targets Guardarian Users

Published: 0 month ago (April 6, 2026 at 12:43 PM EDT)

1 min read

Source: DevOps.com

The npm code repository is again being used by a bad actor to launch a supply chain attack that includes three dozen malicious packages that appear as Strapi CMS plugins but deliver a range of threats. Strapi is a popular open source headless Node.js content management system developers use to build, manage, and expose content.

Back to Blog

Is Your AI Agent Secure? The DevOps Case for Adversarial QA Testing

Adversarial QA testing helps validate AI agents under real-world conditions, exposing risks like prompt injection and logic failures....

Latest Typosquatting Attack Targeting VS Code Tools Hits Windsurf IDE

Cybersecurity researchers from Bitdefender, a provider of an endpoint detection and response EDR platform, have discovered a malicious extension for the Windsur...

Microsoft Field Engineers Built a Six-Agent Research Pipeline in VS Code That Fact-Checks Its Own Output

Azure Global Black Belts Diego Casati and Ray Kao developed Project Nighthawk, a multi‑agent system that automates deep technical research for AKS and ARO with...

Giving AI Agents the Keys to Real Infrastructure

AI coding assistants can generate pull requests faster than most teams can review them, and that mismatch is creating a new kind of bottleneck across engineerin...

Related posts

Is Your AI Agent Secure? The DevOps Case for Adversarial QA Testing

Latest Typosquatting Attack Targeting VS Code Tools Hits Windsurf IDE

Microsoft Field Engineers Built a Six-Agent Research Pipeline in VS Code That Fact-Checks Its Own Output

Giving AI Agents the Keys to Real Infrastructure