WARPTECHNEWS · LAB
HomeAIBusinessTechArchive
WARPTECH LAB NEWS

Warptech Lab News aggrega le notizie più rilevanti da oltre 700 fonti internazionali, con classificazione AI, TL;DR sintetici e timeline cluster su singole storie.

Navigazione

  • Home
  • Archivio
  • Editor's Brief
  • Cerca
  • Il tuo account
  • Newsletter tech/AI

Informazioni legali

  • Privacy Policy
  • Termini di servizio
  • Cookie Policy

© 2026 Sparktech S.R.L. — Tutti i diritti riservati. Sito gestito e manutenuto da Sparktech S.R.L.

Sede legale: Corso Libertà 55, 13100 Vercelli (VC), Italia · P.IVA / C.F. 02835910023 · Contatti: admin@warptechlab.com

Home
Storia in 6 fonti

OpenAI caught in TanStack npm supply chain chaos after employee devices compromised

Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines

Raccontata dathehackernews.comtheregister.combleepingcomputer.comcsoonline.comventurebeat.comchannelnewsasia.com

Confronto fonti

6 prospettive sulla stessa storia
AI · summaries
theregister.comStai leggendo1 mesi fa

OpenAI caught in TanStack npm supply chain chaos after employee devices compromised

Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines

originale
bleepingcomputer.com1 mesi fa

OpenAI confirms security breach in TanStack supply chain attack

OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications…

Leggi questa versione → originale
csoonline.com1 mesi fa

Mistral AI SDK, TanStack Router hit in npm software supply chain attack

Hundreds of software packages are affected, once again threatening enterprise credentials on coders’ machines.

Leggi questa versione → originale
thehackernews.com1 mesi fa

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm packages.

Leggi questa versione → originale
venturebeat.com1 mesi fa

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it exploited and the…

Leggi questa versione → originale
channelnewsasia.com1 mesi fa

OpenAI says no user data breached after security issue with open-source library

May 14 : OpenAI said on Wednesday it found no evidence that its user data was accessed after a security issue involving a supply-chain attack on TanStack npm, an open-source library. Here are some details:• The…

Leggi questa versione → originale

Timeline cronologica

  1. martedì 12 maggio 2026·thehackernews.com

    Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

    TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm packages.

  2. martedì 12 maggio 2026·theregister.com

    Cache-poisoning caper turns TanStack npm packages toxic

    Six-minute supply chain blitz pushed 84 malicious versions with credential theft and disk-wiping code

  3. martedì 12 maggio 2026·bleepingcomputer.com

    Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

    Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers.

  4. martedì 12 maggio 2026·csoonline.com

    Mistral AI SDK, TanStack Router hit in npm software supply chain attack

    Hundreds of software packages are affected, once again threatening enterprise credentials on coders’ machines.

  5. martedì 12 maggio 2026·venturebeat.com

    Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

    TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps…

  6. mercoledì 13 maggio 2026·theregister.com

    Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub

    Where it’s been well and truly forked, seemingly without Microsoft’s code locker noticing

  7. giovedì 14 maggio 2026·channelnewsasia.com

    OpenAI says no user data breached after security issue with open-source library

    May 14 : OpenAI said on Wednesday it found no evidence that its user data was accessed after a security issue involving a supply-chain attack on TanStack npm, an open-source…

  8. giovedì 14 maggio 2026·bleepingcomputer.com

    OpenAI confirms security breach in TanStack supply chain attack

    OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate…

  9. venerdì 15 maggio 2026·theregister.com

    OpenAI caught in TanStack npm supply chain chaos after employee devices compromised

    Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines

  10. venerdì 15 maggio 2026·thehackernews.com

    TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

    Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June 12, 2026.