Cryptopolitan on MSN

OpenAI says no user data exposed after TanStack npm supply chain attack hit employee devices

OpenAI confirmed that two employee devices were compromised, but found no evidence that user data, production systems, or ...
Infosecurity Magazine

Mini Shai-Hulud Hits TanStack npm Packages

A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain ...
Live Bitcoin News

The npm Package That Wipes Your Files When You Try to Stop It

An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
The Next Web

OpenAI says no user data was touched in the TanStack npm worm

OpenAI says no user data was accessed in the TanStack npm compromise: two corporate laptops, some credentials, and a forced macOS update.

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
heise online

React-Deep-Dive: TanStack Router und TanStack Query – Teil 1

The TanStack Router is an alternative to the React Router, the de facto standard for routing in React applications. The TanStack team released the first stable version in December 2023. The router ...