A walkthrough of NeuroValkey Agents, a multi-agent swarm wired up with OpenAI API, Valkey, and Node.js. Not a cache — Valkey here is the orchestration, memory, and state-transition substrate for the whole system.
36 malicious npm packages disguised as Strapi CMS plugins were published by 4 sock-puppet accounts. 8 payload variants deployed Redis crontab injection, PostgreSQL direct access, reverse shells, and persistent implants. The target appears to be crypto exchange Guardarian.
