TrapDoor Malware Found in Popular Code Libraries

Security researchers discovered a coordinated attack called TrapDoor targeting three major software package repositories: npm, PyPI, and Crates.io. The campaign spread credential-stealing code across 34 packages and over 384 versions. Attackers published these packages in waves starting May 22, 2026, exploiting the trust developers place in open-source libraries. This supply chain attack demonstrates how cybercriminals can compromise software development tools to reach thousands of potential victims. Developers using affected packages are at risk of credential theft and system compromise. Source: Security Research Publication.
Original reporting by RSS: The Hacker News. We only summarise, never republish.