TrapDoor Supply Chain Attack Hits npm, PyPI, and Crates.io With Crypto-Stealing Packages

A new software supply chain campaign called TrapDoor is targeting developers through malicious packages published across npm, PyPI, and Crates.io. According to Socket’s TrapDoor research, the campaign spans more than 34 malicious packages and 384 related versions or artifacts across the three open source ecosystems. The attack focuses on developers working in crypto, DeFi, Solana, […] The post TrapDoor Supply Chain Attack Hits npm, PyPI, and Crates.io With Crypto-Stealing Packages appeared first on VPN Central.