Trapdoor supply chain malware infects 34 developer packages to steal crypto keys and tokens
First published: 2026-05-26T00:30:48Z
Researchers found a supply chain malware campaign called Trapdoor that affected 34 packages across npm, PyPI, and Crates.io. The malware targeted crypto developers by stealing wallet keys, SSH keys, GitHub tokens, and other secrets, and also tried to manipulate AI coding tools to exfiltrate sensitive data.
AI Analysis
The summary reports a broad malware campaign across major developer package ecosystems that steals wallet keys and other secrets from crypto developers. This is directly negative for security and can affect projects and users, which makes the impact moderately high.
Expected Investor Sentiment: Bearish
Potential Market Impact: Significant