Socket(@SocketSecurity):🚨 BREAKING: Active supply chain attack across npm, PyPI, and Crates.io. Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems. TrapDoor targets #crypto, #DeFi, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys. Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.

2026.05.24 15:05

🚨 BREAKING: Active supply chain attack across npm, PyPI, and Crates.io. Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems. TrapDoor targets #crypto#, #DeFi#, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys. Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.