The TrapDoor Campaign Turns Three Registries Into a Unified Kill Chain
The TrapDoor campaign weaponized npm, PyPI, and Crates.io in a single coordinated push, extending into AI assistant config files via zero-width Unicode injection. The attack surface has moved from artifacts to runtime evaluation and prompt context—and defensive tooling is behind.
May 25, 2026 · 4 min read
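
A defender-side check for the zero-width Unicode injection mentioned above, as an added example that is not code from the original article: it scans the text of a config file for invisible code points and reports where they sit. It generalizes beyond zero-width characters to bidirectional controls and Unicode tag characters; the sample rules file and all function names are constructed for illustration.

```python
import unicodedata

# Invisible code points: they render as nothing but are still read by the consumer.
ZERO_WIDTH = {0x200B, 0x200C, 0x200D, 0x2060, 0xFEFF}
BIDI_CONTROLS = set(range(0x202A, 0x202F)) | set(range(0x2066, 0x206A))
TAG_BLOCK = range(0xE0000, 0xE0080)  # invisible mirror of ASCII


def classify(ch):
    """Return a label for an invisible character, or None if it is ordinary."""
    cp = ord(ch)
    if cp in ZERO_WIDTH:
        return "zero-width"
    if cp in BIDI_CONTROLS:
        return "bidi-control"
    if cp in TAG_BLOCK:
        return "tag-character"
    if unicodedata.category(ch) == "Cf":  # any other format character
        return "other-format"
    return None


def scan_text(text):
    """List (line, column, code point, kind) for every invisible character."""
    findings = []
    for lineno, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            if (lineno, col) == (1, 1) and ch == "\ufeff":
                continue  # a byte-order mark at the very start is legitimate
            kind = classify(ch)
            if kind:
                findings.append((lineno, col, f"U+{ord(ch):04X}", kind))
    return findings


def strip_invisible(text):
    """Return the text with every flagged character removed, for diffing."""
    return "".join(ch for ch in text if classify(ch) is None)


# Constructed sample: an assistant rules file with two zero-width characters.
SAMPLE = "# assistant rules\nUse tabs for indent\u200b\u200cation.\nNever log secrets.\n"

if __name__ == "__main__":
    for lineno, col, cp, kind in scan_text(SAMPLE):
        print(f"line {lineno} col {col}: {cp} ({kind})")
```

Zero-width joiners and non-joiners occur legitimately in emoji and in some scripts, so the findings that matter are those in files expected to hold plain instructions or configuration. Diffing a file against `strip_invisible` of itself shows reviewers exactly what the renderer was hiding.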