npm

strapi-plugin-finseven

strapi-plugin-finseven is identified in the SafeDep analysis "Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2". >

discovered 2026-04-03

Threat types

c2_agent

Malicious versions

3.6.8

Campaigns

Strapi Plugin C2 Campaignattributed-to

Indicators

ipv4144.31.107.231communicates-with
email[email protected]exfiltrates-to

Techniques

ttpT1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
ttpT1059.007 Command and Scripting Interpreter: JavaScriptuses
ttpT1036 Masquerading: package impersonation and typosquattinguses
ttpT1105 Ingress Tool Transferuses
ttpT1071.001 Application Layer Protocol: Web Protocolsuses
ttpT1546 Event Triggered Executionuses

Read the full analysis →