TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

Published: 2 weeks ago (May 25, 2026 at 01:59 AM EDT)

1 min read

Source: The Hacker News

Overview

A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential‑stealing malware.

The campaign, codenamed TrapDoor, spans more than 34 malicious packages across over 384 versions. The earliest activity was recorded on May 22, 2026, at 8:20 p.m. UTC, with new packages published to the ecosystems in waves from a cluster of.

Back to Blog

GitHub links repo breach to TanStack npm supply-chain attack

markdown !https://www.bleepstatic.com/content/hl-images/2026/05/21/GitHub_headpic.jpg GitHub says the hackers who breached 3,800 internal repositories gained ac...

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

!Macro shot of computer monitor displaying colorful programming code lines.https://techcrunch.com/wp-content/uploads/2026/05/code-on-a-screen.jpg?w=1024 Image C...

Megalodon cyberattack infects 5,500 GitHub open-source repositories with malware, researchers say

'Security researchers say 5,500 GitHub repositories have been affected by the attack.

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from t...

Overview

Related posts

GitHub links repo breach to TanStack npm supply-chain attack

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

Megalodon cyberattack infects 5,500 GitHub open-source repositories with malware, researchers say

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos