New Blog: Malicious npm campaign targets strapi-plugin Deploys Full C2 Agent
Edit Calendar Icon 3 Apr 2026
SafeDep Logo
SafeDep MCP launched Setup Now

Who's Auditing What Your
AI Agents Install?

Compromised packages steal credentials the moment they're installed — whether pulled by a developer or an AI agent. SafeDep detects them before they reach your environment.

GitHub Star on GitHub Explore the Platform
Cursor NPM Claude Docker OpenAI Windsurf Go Gemini
npm
strapi-plugin-c...@1.0.0
Malicious
High

Fri Apr 03 2026; 2:02AM

View Report
npm
strapi-plugin-c...@1.0.0
Malicious
High

Fri Apr 03 2026; 2:47AM

View Report
npm
strapi-plugin-s...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:01AM

View Report
npm
strapi-plugin-d...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:05AM

View Report
npm
strapi-plugin-h...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:37AM

View Report
npm
strapi-plugin-m...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:40AM

View Report
npm
strapi-plugin-e...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:46AM

View Report
npm
strapi-plugin-s...@1.0.0
Malicious
High

Fri Apr 03 2026; 4:45AM

View Report
npm
strapi-plugin-a...@3.6.8
Malicious
High

Fri Apr 03 2026; 11:53AM

View Report
npm
strapi-plugin-a...@3.6.9
Malicious
High

Fri Apr 03 2026; 3:04PM

View Report
pypi
litellm@1.82.7
Malicious
High

Tue Mar 24 2026; 12:00AM

View Report
pypi
litellm@1.82.8
Malicious
High

Tue Mar 24 2026; 12:00AM

View Report
pypi
telnyx@4.87.1
Malicious
High

Fri Mar 27 2026; 12:00AM

View Report
pypi
telnyx@4.87.2
Malicious
High

Fri Mar 27 2026; 12:00AM

View Report
npm
v-plausible@1.2.1
Malicious
High

Mon Nov 24 2025; 4:48PM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:50PM

View Report
rubygems
rails@7.0.4
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
vue@3.2.39
Safe
High

Tue Nov 25 2025; 6:02AM

View Report
npm
use-unsaved-cha...@1.0.9
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
zuper-cli@1.0.1
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
wenk@1.0.10
Malicious
High

Mon Nov 24 2025; 10:25AM

View Report
rubygems
devise@4.8.1
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
upload-to-play-...@1.0.1
Malicious
High

Mon Nov 24 2025; 4:52PM

View Report
npm
valuedex-sdk@3.0.5
Malicious
High

Mon Nov 24 2025; 4:52PM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:50PM

View Report
npm
vf-oss-template@1.0.2
Malicious
High

Mon Nov 24 2025; 11:30AM

View Report
npm
wallet-evm@0.3.1
Malicious
High

Mon Nov 24 2025; 3:49PM

View Report
npm
vf-oss-template@1.0.3
Malicious
High

Mon Nov 24 2025; 12:11PM

View Report
npm
zuper-sdk@1.0.57
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
url-encode-deco...@1.0.1
Malicious
High

Mon Nov 24 2025; 10:05AM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:50PM

View Report
npm
wenk@1.0.9
Malicious
High

Mon Nov 24 2025; 10:08AM

View Report
npm
victoria-wallet...@0.1.2
Malicious
High

Mon Nov 24 2025; 4:25PM

View Report
npm
wellness-expert...@5.1.1
Malicious
High

Mon Nov 24 2025; 9:24AM

View Report
cargo
tokio@1.21.2
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
vf-oss-template@1.0.1
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:50PM

View Report
pypi
requests@2.28.1
Safe
High

Thu Jan 23 2025; 6:05PM

View Report
pypi
fastapi@0.85.0
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
wallet-evm@0.3.2
Malicious
High

Mon Nov 24 2025; 4:25PM

View Report
npm
web-scraper-mcp@1.1.4
Malicious
High

Mon Nov 24 2025; 9:19AM

View Report
npm
upload-to-play-...@1.0.2
Malicious
High

Mon Nov 24 2025; 10:22AM

View Report
npm
express@4.18.1
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
victoria-wallet...@0.1.2
Malicious
High

Mon Nov 24 2025; 4:25PM

View Report
cargo
async-std@1.12.0
Safe
High

Tue Nov 25 2025; 6:08AM

View Report
npm
valid-south-afr...@1.0.3
Malicious
High

Mon Nov 24 2025; 10:15AM

View Report
npm
zuper-stream@2.0.9
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
url-encode-deco...@1.0.2
Malicious
High

Mon Nov 24 2025; 11:25AM

View Report
npm
react-dom@18.2.0
Safe
High

Fri Jan 24 2025; 9:44AM

View Report
npm
vue-browserupda...@1.0.5
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
vf-oss-template@1.0.4
Malicious
High

Mon Nov 24 2025; 1:11PM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:49PM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 3:35AM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 3:35AM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 3:36AM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 3:40AM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 12:00AM

View Report
npm
@asyncapi/model...@5.10.2
Malicious
High

Mon Nov 24 2025; 12:00AM

View Report
npm
posthog-node@4.18.1
Malicious
High

Mon Nov 24 2025; 4:14AM

View Report
npm
@postman/node-k...@7.9.2
Suspicious
High

Tue Nov 25 2025; 6:17AM

View Report
npm
@postman/tunnel...@0.6.5
Malicious
High

Mon Nov 24 2025; 5:06AM

View Report
npm
@postman/wdio-a...@0.0.7
Malicious
High

Mon Nov 24 2025; 5:06AM

View Report
npm
@postman/wdio-a...@0.0.8
Malicious
High

Mon Nov 24 2025; 5:11AM

View Report
npm
@postman/postma...@1.0.3
Malicious
High

Mon Nov 24 2025; 5:06AM

View Report
npm
@postman/postma...@1.0.4
Malicious
High

Mon Nov 24 2025; 5:11AM

View Report
npm
@postman/wdio-j...@0.0.4
Malicious
High

Mon Nov 24 2025; 5:05AM

View Report
npm
@postman/wdio-j...@0.0.5
Malicious
High

Mon Nov 24 2025; 5:11AM

View Report
npm
@postman/pm-bin...@1.24.5
Malicious
High

Mon Nov 24 2025; 5:15AM

View Report
npm
@postman/aether...@2.23.3
Malicious
High

Mon Nov 24 2025; 5:12AM

View Report
npm
@postman/aether...@2.23.4
Malicious
High

Mon Nov 24 2025; 5:15AM

View Report
npm
strapi-plugin-c...@1.0.0
Malicious
High

Fri Apr 03 2026; 2:02AM

View Report
npm
strapi-plugin-c...@1.0.0
Malicious
High

Fri Apr 03 2026; 2:47AM

View Report
npm
strapi-plugin-s...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:01AM

View Report
npm
strapi-plugin-d...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:05AM

View Report
npm
strapi-plugin-h...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:37AM

View Report
npm
strapi-plugin-m...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:40AM

View Report
npm
strapi-plugin-e...@1.0.0
Malicious
High

Fri Apr 03 2026; 3:46AM

View Report
npm
strapi-plugin-s...@1.0.0
Malicious
High

Fri Apr 03 2026; 4:45AM

View Report
npm
strapi-plugin-a...@3.6.8
Malicious
High

Fri Apr 03 2026; 11:53AM

View Report
npm
strapi-plugin-a...@3.6.9
Malicious
High

Fri Apr 03 2026; 3:04PM

View Report
pypi
litellm@1.82.7
Malicious
High

Tue Mar 24 2026; 12:00AM

View Report
pypi
litellm@1.82.8
Malicious
High

Tue Mar 24 2026; 12:00AM

View Report
pypi
telnyx@4.87.1
Malicious
High

Fri Mar 27 2026; 12:00AM

View Report
pypi
telnyx@4.87.2
Malicious
High

Fri Mar 27 2026; 12:00AM

View Report
npm
v-plausible@1.2.1
Malicious
High

Mon Nov 24 2025; 4:48PM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:50PM

View Report
rubygems
rails@7.0.4
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
vue@3.2.39
Safe
High

Tue Nov 25 2025; 6:02AM

View Report
npm
use-unsaved-cha...@1.0.9
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
zuper-cli@1.0.1
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
wenk@1.0.10
Malicious
High

Mon Nov 24 2025; 10:25AM

View Report
rubygems
devise@4.8.1
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
upload-to-play-...@1.0.1
Malicious
High

Mon Nov 24 2025; 4:52PM

View Report
npm
valuedex-sdk@3.0.5
Malicious
High

Mon Nov 24 2025; 4:52PM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:50PM

View Report
npm
vf-oss-template@1.0.2
Malicious
High

Mon Nov 24 2025; 11:30AM

View Report
npm
wallet-evm@0.3.1
Malicious
High

Mon Nov 24 2025; 3:49PM

View Report
npm
vf-oss-template@1.0.3
Malicious
High

Mon Nov 24 2025; 12:11PM

View Report
npm
zuper-sdk@1.0.57
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
url-encode-deco...@1.0.1
Malicious
High

Mon Nov 24 2025; 10:05AM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:50PM

View Report
npm
wenk@1.0.9
Malicious
High

Mon Nov 24 2025; 10:08AM

View Report
npm
victoria-wallet...@0.1.2
Malicious
High

Mon Nov 24 2025; 4:25PM

View Report
npm
wellness-expert...@5.1.1
Malicious
High

Mon Nov 24 2025; 9:24AM

View Report
cargo
tokio@1.21.2
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
vf-oss-template@1.0.1
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:50PM

View Report
pypi
requests@2.28.1
Safe
High

Thu Jan 23 2025; 6:05PM

View Report
pypi
fastapi@0.85.0
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
wallet-evm@0.3.2
Malicious
High

Mon Nov 24 2025; 4:25PM

View Report
npm
web-scraper-mcp@1.1.4
Malicious
High

Mon Nov 24 2025; 9:19AM

View Report
npm
upload-to-play-...@1.0.2
Malicious
High

Mon Nov 24 2025; 10:22AM

View Report
npm
express@4.18.1
Safe
High

Tue Nov 25 2025; 6:07AM

View Report
npm
victoria-wallet...@0.1.2
Malicious
High

Mon Nov 24 2025; 4:25PM

View Report
cargo
async-std@1.12.0
Safe
High

Tue Nov 25 2025; 6:08AM

View Report
npm
valid-south-afr...@1.0.3
Malicious
High

Mon Nov 24 2025; 10:15AM

View Report
npm
zuper-stream@2.0.9
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
url-encode-deco...@1.0.2
Malicious
High

Mon Nov 24 2025; 11:25AM

View Report
npm
react-dom@18.2.0
Safe
High

Fri Jan 24 2025; 9:44AM

View Report
npm
vue-browserupda...@1.0.5
Malicious
High

Tue Jan 06 2026; 7:00PM

View Report
npm
vf-oss-template@1.0.4
Malicious
High

Mon Nov 24 2025; 1:11PM

View Report
npm
victoria-wallet...@0.1.1
Malicious
High

Mon Nov 24 2025; 3:49PM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 3:35AM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 3:35AM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 3:36AM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 3:40AM

View Report
npm
@quick-start-so...@1.4.2511...
Malicious
High

Mon Nov 24 2025; 12:00AM

View Report
npm
@asyncapi/model...@5.10.2
Malicious
High

Mon Nov 24 2025; 12:00AM

View Report
npm
posthog-node@4.18.1
Malicious
High

Mon Nov 24 2025; 4:14AM

View Report
npm
@postman/node-k...@7.9.2
Suspicious
High

Tue Nov 25 2025; 6:17AM

View Report
npm
@postman/tunnel...@0.6.5
Malicious
High

Mon Nov 24 2025; 5:06AM

View Report
npm
@postman/wdio-a...@0.0.7
Malicious
High

Mon Nov 24 2025; 5:06AM

View Report
npm
@postman/wdio-a...@0.0.8
Malicious
High

Mon Nov 24 2025; 5:11AM

View Report
npm
@postman/postma...@1.0.3
Malicious
High

Mon Nov 24 2025; 5:06AM

View Report
npm
@postman/postma...@1.0.4
Malicious
High

Mon Nov 24 2025; 5:11AM

View Report
npm
@postman/wdio-j...@0.0.4
Malicious
High

Mon Nov 24 2025; 5:05AM

View Report
npm
@postman/wdio-j...@0.0.5
Malicious
High

Mon Nov 24 2025; 5:11AM

View Report
npm
@postman/pm-bin...@1.24.5
Malicious
High

Mon Nov 24 2025; 5:15AM

View Report
npm
@postman/aether...@2.23.3
Malicious
High

Mon Nov 24 2025; 5:12AM

View Report
npm
@postman/aether...@2.23.4
Malicious
High

Mon Nov 24 2025; 5:15AM

View Report

These aren't CVEs. Your scanner won't find them.

Malicious packages aren't vulnerabilities in legitimate code. They're purpose-built attacks: credential theft, reverse shells, data exfiltration. Traditional SCA tools weren't designed to detect them.

Threat detection illustration

Detect threats before they land

SafeDep continuously scans package registries and detects malicious publications on average 14 hours before public advisories.

See how
Multi-layer protection illustration

Block at every layer

From your IDE to your CI/CD pipeline, malicious dependencies are stopped before they execute. On developer machines and in pull requests.

See how
Organization visibility illustration

See everything across your org

Centralized visibility into every external component, policy enforcement across teams, and compliance-ready reporting.

See how
Package discovery illustration
Discovery

Know what's entering your environment

SafeDep builds a real-time inventory of every external component flowing into your stack. Packages, MCP servers, plugins, extensions, and repositories, across every developer and AI agent in your organization.

GitHub Install GitHub App
Using GitLab or Bitbucket? Talk to us
Package assessment illustration
Assessment

Identify what's dangerous before it executes

SafeDep's threat intelligence engine analyzes every component for real threats: typosquats, obfuscated code, data exfiltration, and known malicious patterns. Each component gets a clear verdict, block, allow, or investigate, before it touches your codebase.

See How it Works
Security reports illustration
Endpoint Enforcement

Protection that moves with your AI agent

When AI agents like Cursor, Claude, or Windsurf install a package, SafeDep MCP checks it before it lands on your machine. Malicious packages are blocked instantly. Safe ones proceed without friction.

Learn More
CI/CD pipeline security illustration
Pipeline Enforcement

The CI/CD safety net that catches what slips through

SafeDep runs in your pipeline and scans every pull request for malicious dependencies. If something dangerous is found, the merge is blocked before it reaches your main branch.

Learn More
Security dashboard illustration
Governance

Govern what flows into your organization.

Set org-wide policies for what packages are allowed. Get centralized visibility across every team. Generate compliance-ready reports for audits.

Book a Demo

The Unified SafeDep Platform

Discovery, assessment, enforcement, monitoring, and governance. Everything your security team needs, in one place.

Security dashboard interfaceThreat detection interfacePolicy management interface
20M+
Packages Scanned
500K+
Components Analysed
5000+
Projects Secured
80%
Threats Blocked

Ship code
Not malware

Start free with open source tools on your machine. Scale to a unified platform for your organization.

GitHub Star on GitHub Book a Demo