PANews reported on May 25th that security company Socket Security disclosed a cryptocurrency theft campaign called TrapDoor, which is launching proactive supply chain attacks in package repositories such as npm, PyPI, and Crates.io. Currently, 34 malware packages and 384 versions and artifacts have been discovered, with attackers continuously pushing new versions across various ecosystems. TrapDoor primarily targets developers in the cryptocurrency, DeFi, AI, and security fields, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, environment variables, and API keys. Socket's median detection time for the malicious version was 5 minutes and 27 seconds, with the fastest detection occurring 58 seconds after release.