TrapDoor set out to poison AI coding tools
Source: Notebookcheck
Published:
<p>Thirty-four malicious packages. Three registries. Socket Security publicly named the campaign on May 25, 2026. The operation, codenamed TrapDoor, left its earliest traces on May 19, with the main wave arriving May 22 at 20:20 UTC. By the time Socket was published, 384 versions had been pushed acr