InfoQ

TanStack DB Enters Beta with Reactive Queries, Optimistic Mutations, and Local-First Sync

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Bleeping Computer

OpenAI confirms security breach in TanStack supply chain attack

OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for ...
GIGAZINE

The popular JavaScript library suite 'TanStack,' which is downloaded millions of times every week, has been hit by a supply chain attack; development environments with the ...

A supply chain attack was carried out against TanStack, a set of libraries widely used in JavaScript and React development, by releasing malware-infused versions of its npm packages. According to ...
The Next Web

OpenAI says no user data was touched in the TanStack npm worm

Two corporate laptops, some credential material, and a forced macOS app update. The interesting part is how the malicious packages got published in the first place: not by a stolen npm password, but ...
TechRadar

OpenAI confirms security breach in TanStack supply chain attack, but says no user data was affected

OpenAI confirmed two employee devices were impacted in the TanStack “Mini Shai‑Hulud” supply chain attack Malware exfiltrated limited credential material from internal code repositories; no customer ...
PC Magazine

OpenAI Tells Mac Users to Update Apps After Software Supply Chain Attack

Tanstack reports that three vulnerabilities were abused and chained together to upload the malicious versions. Disclosure: Ziff Davis, PCMag's parent company, filed a lawsuit against OpenAI in April ...