Ai-Injection

TrapDoor: Cross-Ecosystem Supply Chain Attack Plants Credential Stealers and AI-Assistant Backdoors

A coordinated campaign across npm, PyPI, and Crates.io seeded 34+ malicious packages that steal developer secrets and plant hidden instructions to weaponize AI coding assistants.