TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...
A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain ...
Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
Tom's Hardware on MSN
Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials
Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link ...
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
Hundreds of software packages are affected, once again threatening enterprise credentials on coders’ machines.
On May 11, 2026, several TanStack packages on npm were briefly replaced with malicious versions, raising fresh concerns about ...
Cryptopolitan on MSN
OpenAI says no user data exposed after TanStack npm supply chain attack hit employee devices
OpenAI confirmed that two employee devices were compromised, but found no evidence that user data, production systems, or ...
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results