The "TrapDoor" malware campaign is a new threat to cryptocurrency developers, employing supply chain attacks through malicious packages to hijack AI coding tools. It infiltrates development environments to steal digital assets, representing a sophisticated evolution in cybercriminal tactics.
A six-minute attack compromised the trust model of modern JavaScript development, pushing 84 malicious package versions across 42 @tanstack packages via a legitimate release pipeline. The "worm" spread to over 170 packages on npm and PyPI, affecting over 518 million cumulative downloads and targeting credential theft.
The TeamPCP supply chain campaign has resumed with concurrent compromises targeting the AI inference package xinference, Checkmarx KICS, and Bitwarden CLI. This directly impacts AI security by poisoning a widely used LLM/ML model serving framework and demonstrates sophisticated attack methods increasingly intersecting with AI tooling.
AI coding assistants can suggest non-existent software packages that attackers register with malware, creating a vulnerability known as "package hallucination." This attack vector allows malicious packages to be installed, compromising the security of development projects.
The TeamPCP threat group stole 5GB of Mistral AI's source code via a supply chain attack, demanding $25,000 or threatening to leak the data. Mistral AI confirmed the breach but stated that core repositories and user data were not affected.
Malicious versions of the node-ipc npm package were found to contain stealer/backdoor payloads. The malware harvests credentials for AI tools and cloud services like AWS, Azure, and GCP, exfiltrating data via HTTPS and DNS.
An NPM supply chain attack bypassed GitHub's 2FA, compromising a developer's account and publishing malicious packages. This jeopardizes the JavaScript ecosystem, potentially impacting thousands of dependent projects, and highlights vulnerabilities in software supply chain security.
OpenAI responded to the Axios developer tool compromise by rotating macOS code signing certificates and updating its applications. The company confirmed that no user data was compromised during the supply chain attack.
A sophisticated npm supply chain attack affected 42 TanStack packages, publishing 84 malicious versions within 6 minutes. The attackers exploited a dangerous GitHub Actions trigger, without needing stolen passwords.