TrapDoor Supply Chain Hits npm, PyPI and Crates.io
Source: Aicerts.Ai
Published:
<p>Unlike prior attacks, TrapDoor combines classic credential stealing modules with a novel twist targeting AI coding assistants. Attackers embedded invisible directives inside Cursor rules and Claude config files to hijack trusted workflows.</p> <p>Moreover, the operation spanned npm, PyPI, and Cra