Socket Security just published research on TrapDoor malware: 34 malicious packages targeting developers building on Solana, Aptos, and Sui. If you've installed any npm or PyPI packages from these ecosystems recently, your wallet may already be at risk even if nothing looks wrong yet. How it works: The packages execute on install. They silently harvest crypto wallet credentials, SSH keys, cloud cr…
