Security Boulevard

The TanStack Breach and the Fragility of Trusted Code

On May 11, 2026, several TanStack packages on npm were briefly replaced with malicious versions, raising fresh concerns about ...
GitHub

React Native TanStack Query Devtools

Remote devtools for @tanstack/react-query in React Native. Inspect queries, mutations, and cache state from a browser dashboard while your app runs on a device or emulator.
CSOonline

Mistral AI SDK, TanStack Router hit in npm software supply chain attack

The TeamPCP threat group has pulled off another big supply chain attack which within a few hours this week was able to successfully compromise 170 Node Package Manager (npm) and PyPI packages. The ...
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 packages across multiple high-profile NPM and PyPI projects were compromised in a new, coordinated Mini Shai-Hulud software supply chain attack. The campaign hit 42 TanStack packages, 65 ...