The cryptocurrency theft program TrapDoor is attacking three major code repositories, with 34 malicious software packages detected
By: rootdata|2026/05/25 09:42:55
0
Share
Security company Socket Security disclosed that a cryptocurrency theft operation named TrapDoor is launching active supply chain attacks in package repositories such as npm, PyPI, and Crates.io. A total of 34 malicious packages and 384 versions and components have been identified, with attackers continuously pushing new versions across various ecosystems.
TrapDoor primarily targets developers in the cryptocurrency, DeFi, AI, and security fields, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, environment variables, and API keys. Socket detected that the median detection time for malicious versions was 5 minutes and 27 seconds, with the fastest detection occurring 58 seconds after release.
You may also like
a16z: 7 Images to Understand How Tokenization Changes the Nature of Assets
It's far more than just moving traditional assets onto the blockchain.
The secret to Hyperliquid's success dismantled from the five-layer financial stack
Hyperliquid is not a DEX that continuously adds features, but rather a financial operating system built in a strict sequence.
After Futu Securities was banned, will buying stocks on-chain be the new remedy?
If it moves steadily, it may be an important stop for financial assets on the blockchain; if treated as a detour tool, it will become the next risk site.
Why Crypto Traders Are Watching Gold and Nasdaq Again in 2026
Bitcoin is ranging while gold and Nasdaq volatility surge in 2026. Discover why crypto traders are using USDT to trade gold, silver, and global indices without a traditional brokerage account.
Why have foreign exchange stablecoins never taken off?
Rather than issuing a local currency stablecoin from scratch, it is better to build a layer of foreign currency pricing on top of a USD stablecoin, allowing users to enjoy the liquidity of the dollar while keeping accounts in local currency.
AIDC, computing power leasing, and cloud: The "three-part thesis" of AI transformation in cryptocurrency mining farms
The "AI transformation" of cryptocurrency mining farms is not just a slogan; it is unfolding in three recognizable stages.
Futu has had all its illegal gains confiscated, reminding cryptocurrency exchanges
Even if foreign financial institutions obtain licenses abroad, as long as you are effectively providing financial services to residents in mainland China, Chinese regulatory authorities may evaluate your actions according to Chinese law.
Football, Web3 & Champions' Energy: A Recap of WEEX's LALIGA VIP Meetup in Barcelona
Relive WEEX's exclusive LALIGA VIP Meetup in Barcelona with football legend Fernando Morientes. From a fireside chat and on-site WEEX x LALIGA signing to partner awards and a live LALIGA match broadcast, discover how WEEX connected football culture, Web3, and community.
Pizza, Poker & AI Trading: A Recap of WEEX Crypto Pizza Day in Dubai
Relive WEEX Crypto Pizza Day in Dubai, where the MENA crypto community gathered at WEEX Dubai Studio to celebrate Bitcoin Pizza Day with pizza, poker, networking, and a live AI trading competition. Discover how WEEX turned a historic crypto milestone into a hands-on AI trading experience.
Morning Report | SpaceX reveals it holds approximately $1.45 billion in Bitcoin; Nvidia's Q1 financial report shows revenue of $81.6 billion; Manus plans to raise $1 billion for buyback business
Overview of Important Market Events on May 21
IOSG Founder: Please tell Vitalik the truth, let the OGs who have enjoyed the industry's dividends enlighten the young people
The wage earners freeze to death on the road, the sellers of goods die of thirst on the way. The weavers of brocade wear coarse cloth, and the grain growers do not have enough to eat.
Insiders: DeepSeek is forming a Harness team to compete with Claude Code
DeepSeek Code is coming.
The financial changes under the new SEC regulations: Opportunities and regulatory red lines behind "tokenized stocks"
In-depth analysis of "tokenized stocks": The SEC's advancement of an innovation exemption framework has sparked heated discussions, revealing the real risks behind third-party "synthetic asset" certificates and 24/7 trading.
SpaceX officially submitted its prospectus, unveiling the largest IPO in history
SpaceX's public market debut could take place as early as June, making it the first in a series of giant IPOs from AI companies, with OpenAI and Anthropic also waiting for the right moment.
Blockchain Capital Partner: The structure of on-chain dual-layer capital is still in the early stages of value discovery
How can the on-chain economy build a capital structure that promotes open innovation while also considering institutional scale?
I tested with $10,000: zero wear and tear, annualized 8%, and can earn points (with complete tutorial + screenshots)
Perps DEX newcomer StandX launches native stablecoin DUSD, achieving a real APY of 8.46% with its innovative three-tier yield mechanism, breaking the 3% traditional stablecoin interest rate ceiling.
Secured over $60 million in funding from Dragonfly, Sequoia, and others, learn about the on-chain derivatives protocol Variational | CryptoSeed
What is the difference with Hyperliquid?
Eight departments take strong measures to regulate cross-border brokers, what do you think?
This regulatory action, known as the "Final Battle for the Rectification of Cross-Border Brokers," will completely end the gray era of unlicensed operations by foreign brokers in the domestic market and reshape the entire market landscape for cross-border investment by mainland residents.
a16z: 7 Images to Understand How Tokenization Changes the Nature of Assets
It's far more than just moving traditional assets onto the blockchain.
The secret to Hyperliquid's success dismantled from the five-layer financial stack
Hyperliquid is not a DEX that continuously adds features, but rather a financial operating system built in a strict sequence.
After Futu Securities was banned, will buying stocks on-chain be the new remedy?
If it moves steadily, it may be an important stop for financial assets on the blockchain; if treated as a detour tool, it will become the next risk site.
Why Crypto Traders Are Watching Gold and Nasdaq Again in 2026
Bitcoin is ranging while gold and Nasdaq volatility surge in 2026. Discover why crypto traders are using USDT to trade gold, silver, and global indices without a traditional brokerage account.
Why have foreign exchange stablecoins never taken off?
Rather than issuing a local currency stablecoin from scratch, it is better to build a layer of foreign currency pricing on top of a USD stablecoin, allowing users to enjoy the liquidity of the dollar while keeping accounts in local currency.
AIDC, computing power leasing, and cloud: The "three-part thesis" of AI transformation in cryptocurrency mining farms
The "AI transformation" of cryptocurrency mining farms is not just a slogan; it is unfolding in three recognizable stages.
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:[email protected]
VIP Program:[email protected]
