Home
Storia in 6 fonti
OpenAI caught in TanStack npm supply chain chaos after employee devices compromised
Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines
- ·
theregister.com
Cache-poisoning caper turns TanStack npm packages toxic
Six-minute supply chain blitz pushed 84 malicious versions with credential theft and disk-wiping code
- ·
bleepingcomputer.com
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers.
