Hacker-City
Hacker-City
Get the brief
Technology|May 25, 2026|1 min read

Trapdoor Supply Chain Attack Spreads

A newly discovered supply chain attack dubbed "Trapdoor" is spreading across multiple software vendors, potentially compromising downstream users through compromised dependencies.

#supply-chain-attack#trapdoor#cybersecurity#software-security#vulnerability#malware#dependencies#threat
T

The Hacker News

Contributor

Share this story

Next story

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and Crates.io

A coordinated cross-ecosystem supply chain attack campaign called TrapDoor has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware across 34 malicious packages affecting crypto, DeFi, Solana, and AI developers. The campaign uses ecosystem-specific execution paths to steal developer secrets, crypto wallets, SSH keys, and cloud credentials.