TrapDoor Malware Campaign Compromises Major Developer Ecosystems
A sophisticated and coordinated malware campaign dubbed ‘TrapDoor’ has successfully infiltrated several major open-source software repositories, posing a significant threat to developers working in the blockchain and cloud infrastructure sectors. By deploying dozens of malicious packages across npm, PyPI, and Crates.io, attackers have managed to distribute hundreds of compromised versions designed to exfiltrate sensitive data. The campaign, which gained momentum in late May 2026, utilized a multi-account strategy to bypass standard detection mechanisms, allowing the malicious code to blend seamlessly into routine dependency updates.
The malware is engineered to execute automatically upon installation, leveraging post-install scripts in JavaScript, import-time execution in Python, and build scripts in Rust. Once active, the software scans the host machine for high-value targets, including SSH keys, browser-stored credentials, and environment variables. Of particular concern is the malware’s focus on crypto-related assets, specifically targeting wallet files associated with platforms like MetaMask, Coinbase, Binance, and Solana. By harvesting these credentials, attackers gain the ability to drain digital assets and compromise private blockchain projects.
Beyond traditional data theft, the TrapDoor campaign demonstrates a concerning evolution in attack vectors by targeting AI-assisted development tools. Researchers discovered that the malicious packages include specific configuration files, such as .cursorrules and CLAUDE.md, intended to manipulate AI coding assistants. By influencing how these tools interpret project instructions, the attackers attempt to trick automated systems into exposing sensitive repository access tokens and cloud infrastructure credentials, such as those for AWS and GitHub. This multi-layered approach highlights a growing trend of adversaries moving beyond simple code execution to exploit the complex workflows of modern software development.
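The install-time hooks and AI-assistant instruction files described above can be inventoried across an installed or vendored dependency tree before anything is built or opened in an assistant. The following Python script is an added example, not code from the researchers or the affected registries; the function names and the sample tree are constructed for illustration, and it does not cover Python import-time execution, which requires reviewing the package code itself.

```python
import json
import os
import tempfile

LIFECYCLE = ("preinstall", "install", "postinstall")  # npm hooks that run at install time
AI_FILES = {".cursorrules", "CLAUDE.md"}              # assistant instruction files named in the article

def audit_tree(root):
    """Return sorted (kind, relative_path, detail) findings for a dependency tree."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if name == "package.json":
                try:
                    with open(path, encoding="utf-8") as fh:
                        scripts = json.load(fh).get("scripts") or {}
                except (OSError, ValueError, AttributeError):
                    findings.append(("unreadable-manifest", rel, ""))
                    continue
                hooks = [h for h in LIFECYCLE if isinstance(scripts, dict) and h in scripts]
                findings += [("npm-lifecycle", rel, f"{h}: {scripts[h]}") for h in hooks]
            elif name == "build.rs" and "Cargo.toml" in files:
                findings.append(("cargo-build-script", rel, "runs during cargo build"))
            elif name in AI_FILES:
                findings.append(("ai-instructions", rel, "shipped inside a dependency"))
    return sorted(findings)

def make_constructed_sample(root):
    files = {  # constructed sample: one clean package, three that should be flagged
        "node_modules/clean-pkg/package.json": json.dumps({"scripts": {"test": "node t.js"}}),
        "node_modules/hooked-pkg/package.json": json.dumps({"scripts": {"postinstall": "node setup.js"}}),
        "node_modules/hooked-pkg/CLAUDE.md": "constructed placeholder text\n",
        "vendor/some-crate/Cargo.toml": "[package]\nname = \"some-crate\"\n",
        "vendor/some-crate/build.rs": "fn main() {}\n",
        "site-packages/some_lib/.cursorrules": "constructed placeholder text\n",
    }
    for rel, body in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_constructed_sample(tmp)
        for finding in audit_tree(tmp):
            print(*finding, sep="  ")
```

Findings are review candidates rather than verdicts, since many legitimate packages use lifecycle scripts and build scripts. Fetching dependencies with `npm install --ignore-scripts` keeps npm hooks from running before the inventory has been reviewed.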