TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...
Tom's Hardware on MSN
Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials
Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link related npm compromises affecting TanStack and Mistral SDKs to the broader ...
On May 11, 2026, several TanStack packages on npm were briefly replaced with malicious versions, raising fresh concerns about ...
Cryptopolitan on MSN
OpenAI says no user data exposed after TanStack npm supply chain attack hit employee devices
OpenAI confirmed that two employee devices were compromised, but found no evidence that user data, production systems, or ...
An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a dead-man's switch that nukes your system.
The TeamPCP threat group has pulled off another big supply chain attack which within a few hours this week was able to successfully compromise 170 Node Package Manager (npm) and PyPI packages. The ...
Numerous TanStack packages on npm have suffered a supply chain attack, apparently as part of the “Mini Shai-Hulud” attack wave.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results