TrapDoor Supply Chain Attack Actively Exploiting npm, PyPI, and CratesIO to Steal ...
Source: Rescana
Published:
<p>A sophisticated and multi-faceted software supply chain attack, designated TrapDoor , has been detected propagating credential-stealing malware through the npm , PyPI , and CratesIO package repositories. This campaign, first observed in late May 2026, leverages malicious packages to compromise de