TrapDoor Campaign Deploys 34 Malicious Packages Across npm, PyPI, and Crates.io, Weaponizing AI Coding Assistants to Steal Crypto Wallets
Socket researchers discovered TrapDoor, a supply chain attack spanning 34 packages and 384+ versions across three registries, with a novel technique that embeds hidden instructions in AI coding assistant config files to trigger credential exfiltration.