TrapDoor pushed 34 malicious packages across npm, PyPI and Crates.io to steal credentials and poison AI coding workflows.
Key takeaways
- TrapDoor planted 34 malicious packages across npm, PyPI, and Crates.io in a credential-theft campaign aimed at crypto and AI developers — and its m...
- The campaign was publicly named by Socket Security on May 25, 2026, with earliest traces on May 19 and a main wave landing May 22 at 20:20 UTC, accordi...
TrapDoor Campaign Hits npm, PyPI, and Crates.io With 34 Malicious Developer Packages
- The first confirmed package was eth-security-auditor on PyPI. Dozens followed from a cluster of accounts publishing in bursts across three major open-source regist...
Canonical source: https://mlxio.com/cybersecurity/trapdoor-ai-coding-tools