TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and Crates.io
A coordinated software supply chain attack campaign, codenamed TrapDoor, has been discovered spreading credential-stealing malware across three major package registries. As reported by The Hacker News, the campaign was first recorded on May 22, 2026, and spans npm, PyPI, and Crates.io simultaneously.
What happened
The TrapDoor campaign distributed malicious packages across npm (JavaScript), PyPI (Python), and Crates.io (Rust) in coordinated waves. Researchers identified more than 34 malicious packages published across over 384 versions. The attack began on May 22, 2026, at 8:20 p.m. UTC, with new packages released in waves from a cluster of accounts, suggesting an organized and automated operation rather than opportunistic abuse.
The payloads are designed to steal credentials from infected developer machines and build environments. By targeting all three ecosystems at once, the attackers maximized their reach across different development communities. This kind of cross-ecosystem coordination is a notable escalation compared to single-registry attacks that have been more common in the past.
Why this matters to small teams
Solo developers and small startups are disproportionately exposed to supply chain attacks. Large engineering teams have security reviewers, internal dependency audits, and dedicated tooling. If you are shipping fast with AI-assisted code generation, you may be adding dependencies quickly without auditing each one carefully. A single malicious package installed during a late-night build session can compromise your entire development environment, including API keys, database credentials, and cloud provider tokens stored on your machine or in environment files.
Credential theft from a developer machine is often a stepping stone to a broader breach. Stolen tokens can give attackers access to your GitHub repositories, your hosting infrastructure, or your customers' data. For a small team, that kind of incident can be existential. The TrapDoor campaign specifically targets the install-time execution surface, meaning the malware can run the moment you install a package, before you have ever executed a line of its code yourself.
Crates.io being included alongside npm and PyPI is also a signal worth noting. Rust is increasingly popular among performance-focused developers and systems builders. The assumption that a smaller or newer ecosystem is inherently safer is not reliable. Attackers follow developer attention.
How to stay protected
- Audit new dependencies before installing. Check the package's publish date, download count, and maintainer history. A package published days ago with hundreds of versions is a red flag.
- Use lockfiles and pin dependency versions. Lockfiles (package-lock.json, Pipfile.lock, Cargo.lock) prevent silent upgrades to newly published malicious versions. Commit them to version control.
- Run installs in isolated environments. Use containers or virtual machines for development builds. This limits what a malicious install script can access on your host system.
- Rotate credentials after any suspicious install. If you installed a package and are uncertain about it, treat your local credentials as potentially compromised. Rotate API keys, tokens, and secrets stored in environment files.
- Enable registry security alerts. npm, PyPI, and Crates.io all have mechanisms to report or flag malicious packages. Follow security advisories from these registries, and consider tools like Socket.dev or Deps.dev that surface risky packages before install.
- Restrict secrets stored on developer machines. Use short-lived tokens and role-based access where possible. Secrets with broad permissions sitting in .env files are high-value targets for credential stealers.
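The first item above can be turned into a repeatable check. As an added example (not code from the article or from UNPWNED), the script below applies those heuristics to an npm registry metadata document, the JSON that `https://registry.npmjs.org/<name>` returns: package age, a burst of versions in one week, and any version that declares an install-time lifecycle script. The thresholds (30 days, 20 versions per week), package names and timestamps are all constructed for the example.

```python
# Added example (not the article's or UNPWNED's code); all names/timestamps constructed.
from datetime import datetime, timedelta, timezone

# Lifecycle scripts npm runs automatically during `npm install`: the
# install-time execution surface the article warns about.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

def parse_ts(s):  # registry timestamps look like 2026-05-22T20:20:00.000Z
    return datetime.fromisoformat(s.replace("Z", "+00:00"))

def audit_npm_metadata(meta, now, min_age_days=30, max_versions_per_week=20):
    """Return red-flag strings for one registry metadata document: young
    package, burst of releases, or a version declaring an install-time hook."""
    flags = []
    created = parse_ts(meta["time"]["created"])
    age = now - created
    if age < timedelta(days=min_age_days):
        flags.append(f"package created only {age.days} day(s) ago")
    recent = [v for v, t in meta["time"].items()
              if v not in ("created", "modified")
              and now - parse_ts(t) <= timedelta(days=7)]
    if len(recent) > max_versions_per_week:
        flags.append(f"{len(recent)} versions published in the last 7 days")
    for ver, data in meta.get("versions", {}).items():
        hooks = [h for h in INSTALL_HOOKS if h in data.get("scripts", {})]
        if hooks:
            flags.append(f"version {ver} declares install hook(s): {', '.join(hooks)}")
    return flags

NOW = datetime(2026, 5, 25, 12, 0, tzinfo=timezone.utc)  # fixed clock for the sample

def make_sample(name, created, n_versions, spread_days, postinstall=None):
    """Build a constructed registry document: n_versions spread over spread_days,
    optionally with a postinstall script on the latest version."""
    step = timedelta(days=spread_days) / max(n_versions, 1)
    iso = lambda t: t.isoformat().replace("+00:00", "Z")
    time_map, versions = {"created": iso(created)}, {}
    for i in range(n_versions):
        ver = f"1.0.{i}"
        time_map[ver] = iso(created + i * step)
        versions[ver] = {"name": name, "version": ver, "scripts": {}}
    if postinstall and versions:
        versions[ver]["scripts"]["postinstall"] = postinstall
    return {"name": name, "time": time_map, "versions": versions}

# Constructed samples: a 3-day-old package with 25 releases and a postinstall
# hook, beside a mature package with three releases and no hooks.
SUSPICIOUS = make_sample("example-fast-helper", NOW - timedelta(days=3), 25, 3, "node setup.js")
BENIGN = make_sample("example-stable-lib", NOW - timedelta(days=400), 3, 300)
```

Run `audit_npm_metadata(doc, NOW)` on each sample: the first returns three red flags, the second none. The same idea carries over to PyPI's JSON API and the crates.io index, with the install-hook check replaced by a look at `setup.py` or `build.rs`.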
How UNPWNED helps
UNPWNED focuses on web-facing security checks, including exposed configuration files, insecure HTTP headers, and other surface-level vulnerabilities that attackers commonly exploit after an initial compromise. While UNPWNED does not scan your local dependency tree or package manifests directly, catching exposed .env files, misconfigured endpoints, and weak security headers through regular scans reduces the blast radius if credentials are ever stolen from your development environment. Keeping your deployed application hardened is a meaningful layer of defense even when the initial attack vector is on your local machine.
This post was drafted with AI assistance based on authoritative security sources, then published under editorial review.
Source
The Hacker News