The next big DeFi exploit will start before the code is deployed
Source: Cryptorank
Published:
<p>Socket disclosed on May 24 that the TrapDoor campaign planted 34+ malicious packages and 384+ versions across npm, PyPI and Crates.io to steal developer credentials and access repositories, CI/CD pipelines, cloud accounts and deployment keys, creating a route for downstream DeFi exploits. The att