> TritonInfoSec News
Home / May 26, 2026 / Story
0
#4 The Hacker News general May 25, 2026 at 05:59 UTC

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

By [email protected] (The Hacker News)

AI Summary

The 'TrapDoor' campaign, first observed May 22, 2026, deployed over 34 malicious packages across 384+ versions on npm, PyPI, and Crates.io to distribute credential-stealing malware in a coordinated cross-ecosystem supply chain attack. Packages were published in waves from a cluster of accounts, a technique used to evade early detection. Security teams should review dependencies added after May 22 and check for TrapDoor indicators across all three ecosystems.

Read full article → https://thehackernews.com/2026/05/trapdoor-supply-…

Relevance score: 84.0/100

# More from May 26

  1. 1
    Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks Krebs on Security
  2. 2
    Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks The Hacker News
  3. 3
    Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack SecurityWeek
  4. 5
    Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms The Hacker News
  5. 6
    FBI warns of Kali365 phishing service targeting Microsoft 365 accounts BleepingComputer
  6. 7
    Laravel-Lang Packages Poisoned for Malware Delivery SecurityWeek
  7. 8
    Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects SecurityWeek
  8. 9
    DocketWise Data Breach Impacts 143,000 SecurityWeek
  9. 10
    266,000 Affected by Data Breach at Radiology Associates of Richmond SecurityWeek