GitHub links repo breach to TanStack npm supply-chain attack

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS ...
Windows Report

GitHub Links Internal Repository Breach To TanStack Supply-Chain Attack

GitHub says the breach of roughly 3,800 internal repositories was tied to the wider TanStack npm supply-chain attack.
adtmag.com

Visual Studio Code Update Overloads npm Service, Forces Version Rollback

Microsoft said its Visual Studio Code 1.7 release overloaded the npmjs.org JavaScript package management service for Node.js, forcing a rollback to version 1.6.1. (Update: After this article was ...
Morning Overview on MSN

The 'mini Shai-Hulud' attack hides inside AI coding agent configs — the first supply chain attack to weaponize Claude Code and VS Code as persistence vectors

On April 29, 2026, someone slipped malicious code into four widely used SAP software packages. Within days, the infection had ...