On May 11, 2026, a self-replicating worm called Mini Shai-Hulud quietly slipped into 42 widely used TanStack open-source packages, corrupting 84 npm artifacts before anyone noticed. Within hours, the ...
Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.
OpenAI has said it found no evidence that user data was accessed following a security issue linked to a supply-chain attack involving the open-source TanStack npm library. The company said in a ...
Over 170 packages across multiple high-profile NPM and PyPI projects were compromised in a new, coordinated Mini Shai-Hulud software supply chain attack. The campaign hit 42 TanStack packages, 65 ...
TeamPCP, the threat actor behind the recentsupply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as ...
A poisoned open-source dependency let attackers breach two OpenAI employee devices and steal credentials from a limited set of its internal source code repositories, OpenAI confirmed in a May 14, 2026 ...
TeamPCP threat group launched a coordinated supply chain attack compromising 169 npm packages on May 11, 2026. The Mini Shai-Hulud worm targeted TanStack, UiPath, Mistral AI, OpenSearch, and ...
On May 11, 2026, a massive supply chain attack shook the JavaScript ecosystem. Over 170 npm and PyPI packages, including TanStack, Mistral AI, and UiPath, were compromised, exposing developers with ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results