Executive Summary

A sophisticated and multi-faceted software supply chain attack, designated TrapDoor, has been detected propagating credential-stealing malware through the npm, PyPI, and CratesIO package repositories. This campaign, first observed in late May 2026, leverages malicious packages to compromise developer environments, exfiltrate sensitive credentials, and establish persistent access. The attack is notable for its cross-ecosystem reach, advanced persistence mechanisms, and innovative abuse of AI coding assistants for covert data exfiltration. The primary targets are developers and organizations in the crypto, DeFi, Solana, and AI sectors, but the campaign’s global distribution model means any user of the affected packages…