TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...
Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June ...
Shai-Hulud worm exploited GitHub Actions misconfiguration to poison shared cache, now project weighing nuclear option on ...
A popular developer of open source analytics software has revealed that a recent data breach and extortion incident was ...
Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
Morning Overview on MSN
The TanStack supply chain attack poisoned 160 npm and PyPI packages — reaching OpenAI, Mistral AI, and UiPath through compromised build pipelines
On May 11, 2026, a self-replicating worm called Mini Shai-Hulud quietly slipped into 42 widely used TanStack open-source ...
A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain ...
OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and ...
Cryptopolitan on MSN
OpenAI says no user data exposed after TanStack npm supply chain attack hit employee devices
OpenAI confirmed that two employee devices were compromised, but found no evidence that user data, production systems, or ...
OpenAI has rotated code-signing certificates after code repositories containing them were compromised in the TanStack supply ...
An attacker has published 84 malicious versions of official TanStack npm packages, with the impact including credential theft ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results