A malware campaign called TrapDoor has been discovered spanning npm, PyPI, and Crates.io, comprising over 34 malicious packages and 384+ versions. The campaign targets developer workstations to steal AWS credentials, GitHub tokens, SSH keys, browser data, and crypto wallets. Notably, it also attempts to manipulate AI coding assistant configuration files (like .cursorrules and CLAUDE.md) using hidden Unicode instructions to trick AI tools into exfiltrating secrets. Security analysts warn this represents a shift from simple credential theft to full workflow-level compromise, where a single poisoned developer machine can become an entry point into CI/CD pipelines and enterprise infrastructure. Recommended mitigations include automated scanning at install time, least-privilege credentials, package allowlisting, and zero-trust controls in local dev environments.
Sort: