TrapDoor Supply Chain Attack Targets npm, PyPI and Crates.io to Steal Credentials from Crypto and AI Developers
Security researchers at Socket have identified TrapDoor, a coordinated cross-ecosystem supply chain attack distributing 34 malicious packages across npm, PyPI, and Crates.io, targeting cryptocurrency, DeFi, Solana, and AI developers to steal credentials, SSH keys, cloud tokens, and wallet data.

Developer typing code at a dual-monitor workstation in a dark office representing the TrapDoor supply chain attack on npm and PyPI
Security researchers at Socket have identified a coordinated, cross-ecosystem software supply chain attack campaign targeting developers across npm, PyPI, and Crates.io, three of the most widely used open-source package registries in the world.
The campaign, named TrapDoor, spans more than 34 malicious packages distributed across over 384 versions, with the earliest activity recorded on 22 May 2026. Packages were published in rapid waves from a cluster of coordinated accounts in a pattern consistent with automated mass publishing or a compromised release pipeline.
Supply chain attacks of this nature sit alongside the broader vulnerability crisis that Project Glasswing has exposed this month, where the open-source software ecosystem is proving to carry significantly more risk than most organisations had previously assumed. They also mirror the malicious npm packages discovered earlier in May that delivered infostealers and DDoS botnet malware to thousands of developers.
Who Is Being Targeted
TrapDoor is focused specifically on developers working in cryptocurrency, decentralised finance, Solana blockchain, and artificial intelligence communities. The malicious packages are engineered to steal developer secrets, crypto wallet data, SSH keys, cloud credentials including AWS and GitHub tokens, browser data, and environment variables.
Several npm packages within the campaign deploy a shared payload called trap-core.js, which scans for credentials, validates cloud tokens, attempts SSH-based lateral movement across connected systems, and plants persistence mechanisms through multiple vectors including .cursorrules, CLAUDE.md, Git hooks, shell hooks, systemd services, cron jobs, and SSH configuration modifications.
The Scale and Speed of the Campaign
Researchers identified packages published in rapid succession, with many versions appearing within seconds of each other. The multi-ecosystem approach spanning npm, PyPI, and Crates.io simultaneously is deliberate. By operating across three registries at once, attackers maximise the probability of reaching developers who may only be monitoring one registry for anomalies.
This breadth of attack surface is particularly relevant for development teams in the GCC and MENA region, where fintech, AI, and blockchain development has grown significantly across markets including Saudi Arabia and the UAE. Organisations with development pipelines pulling open-source dependencies directly from these registries are at risk regardless of geography.
Recommended Immediate Actions
Development and security teams should act on the following now. Audit all packages installed from npm, PyPI, and Crates.io from 22 May 2026 onwards. Revoke and rotate AWS and GitHub tokens used in development environments immediately. Review SSH configuration files across development machines for unauthorised modifications. Check for the presence of trap-core.js and review cron jobs and systemd entries for unexpected persistence mechanisms.
The Microsoft 365 and MFA bypass trends tracked this year demonstrate that credential theft through multiple attack surfaces remains the primary pathway attackers use to escalate from initial access to full enterprise compromise. A stolen GitHub or AWS token from a developer's machine can provide access far beyond that individual environment.
Socket's full package list and indicators of compromise are available through their security research portal.
Omar Al-Hakeem
Senior Cyber Threat Analyst | MENA RegionOmar Al-Hakeem is a cybersecurity researcher specializing in threat intelligence, ransomware trends, and nation-state activity across the Middle East and North Africa. With over 12 years of experience in SOC operations and incident response, he provides deep technical breakdowns of emerging attacks and regional cyber risks. At MENA Cyber Wire, Omar focuses on real-world threat analysis and actionable defense strategies for enterprises and startups.