TrapDoor malware targets major code repositories; 34 malicious packages detected
Source: Kucoin
Published:
<p>ChainCatcher report: Security firm Socket Security has disclosed an active supply chain attack named TrapDoor targeting software package repositories such as npm, PyPI, and Crates.io. So far, 34 malicious packages and 384 versions and artifacts have been identified, with attackers continuously pu