A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain attack affecting developer ecosystems, including packages tied to UiPath, ...
Hundreds of software packages are affected, once again threatening enterprise credentials on coders’ machines.
Cryptopolitan on MSN
OpenAI says no user data exposed after TanStack npm supply chain attack hit employee devices
OpenAI confirmed that two employee devices were compromised, but found no evidence that user data, production systems, or ...
Tom's Hardware on MSN
Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials
Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link related npm compromises affecting TanStack and Mistral SDKs to the broader ...
OpenAI says no user data was accessed in the TanStack npm compromise: two corporate laptops, some credentials, and a forced macOS update.
An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results