Cybersecurity & Data Protection
1
UPVOTE
thehackernews.com

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware. The campaign, codenamed TrapDoor, spans more than 34 malicious packages across over 384 versions. The earliest activity was recorded on May 22, 2026, at 8:20 p.m. UTC, with new packages published to the ecosystems in waves from a cluster of
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
JA

jordan af

10d ago
1 0

Discussion

Begin the discussion

Begin something meaningful by sharing your ideas.

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

RY

ryan maybe

ryan maybeUpvoted 10d ago0 comments · 26 shares

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

bleepingcomputer.com
Brave Software releases Origin for a paid, bloat-free browsing …

Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetiz…
Carlos the great

Carlos the great

3h ago
0
darkreading.com
Bugcrowd Launches EU Data Residency Option For Evolving Data So…

Organizations are growing serious about what nation’s rules apply to their data. Experts point to geopolitical tensions as a main contributing factor.
DR

Dark Reading

5h ago
0
bleepingcomputer.com
New IronWorm malware hits 36 packages in npm supply-chain attac…

A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. [. .. ]
Giulia

Giulia

9h ago
0
bleepingcomputer.com
Police dismantles fake ID marketplace used by migrant smugglers

French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union.…
MB

Maria Bakker

12h ago
0
thehackernews.com
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, It…

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U. K. , Germany, Italy, and South…
TN

The Hacker News

12h ago
0
darkreading.com
Pakistan Spies on Afghan Finance Ministry With Xeno RAT

Despite broadly connected digital infrastructure, standard fare TTPs are enough to cause trouble for Afghanistan's porous cybersecurity.
DR

Dark Reading

16h ago
0

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Cybersecurity & Data Protection.

Browse Topics

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

thehackernews.com
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, It…

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U. K. , Germany, Italy, and South…
TN

The Hacker News

12h ago
0
thehackernews.com
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners …

Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems.…
TN

The Hacker News

1d ago
0
thehackernews.com
Google June 2026 Android Update Patches 124 Flaws, One Actively…

Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severi…
TN

The Hacker News

2d ago
0
thehackernews.com
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewe…

Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-fo…
TN

The Hacker News

2d ago
0
thehackernews.com
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Atta…

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the…
TN

The Hacker News

3d ago
0
thehackernews.com
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Ac…

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15, 000 sales on the Enva…
TN

The Hacker News

3d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest