Developer platform Socket has identified a malware known as TrapDoor that is targeting crypto and AI developers.
The malware spreads across the npm, PyPI and Crates repositories. It seeks to steal cryptocurrency wallet information along with browser data from affected systems.
Following earlier reports of direct attacks on OpenClaw AI agents, TechRadar warns that infostealers are now disguising themselves as Claude Code, OpenClaw, and other AI developer tools. Users should exercise caution with search engine results. Published March 18, 2026.
由 AI 报道
Daemon Tools, a popular disk image mounting app, was compromised in a supply-chain attack starting April 8, delivering malware through official updates. Security firm Kaspersky reported infections on thousands of machines across over 100 countries. Users are urged to scan their systems immediately.