OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories.
The Mini Shai-Hulud worm is actively compromising legitimate npm packages by hijacking CI/CD pipelines and stealing developer secrets. StepSecurity's OSS Package Security Feed first detected the attack in official @tanstack packages and is tracking its spread across the ecosystem in real time.
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs.
Wire Fire Episode 01. Six weeks of supply-chain compromise on the npm registry, ending on 12 May 2026 with the Shai-Hulud worm source going public. 31 March: state-sponsored operators (Microsoft Sapphire Sleet, Mandiant UNC1069) backdoor axios versions 1.14.1 and 0.30.4 for three hours, tagged latest; roughly 100 million weekly downloads. 29 April: Mini Shai-Hulud hits four SAP-related npm packages. 11 May 19:20 to 19:26 UTC: 84 versions across 42 TanStack packages, then @uipath, @mistralai/mistralai, OpenSearch, Guardrails AI; 172 packages and 403 versions inside 48 hours, ~518M cumulative downloads. 2025 alone: 454,648 malicious npm packages, more than 99 per cent of all open-source malware now targets npm. The architectural answer has been quietly available for decades.
Shell script to detect TanStack npm supply chain attack indicators (CVE-2026-45321 / GHSA-g7cv-rxg3-hmpx) - fabriziosalmi/tanstack-compromise-checker
On supply chain attacks, the cost of trust, and why free software is not the same as safe software
Over 400 compromised npm package versions and at least 2 PyPI packages published in a coordinated supply chain attack targeting TanStack, Mistral AI, UiPath, OpenSearch, guardrails-ai, and dozens of other packages.
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers.
On May 11, 2026, the Mini Shai-Hulud worm compromised 84 npm package artifacts across 42 @tanstack/* packages (as well as @squawk/*, @mistralai/* packages, and others) by chaining a GitHub Actions "Pwn Request," cache poisoning, and OIDC token extraction from runner memory — producing the first npm supply chain attack with valid SLSA Build Level 3 attestations. Here's what happened, what was stolen, and what you need to do right now.
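The "Pwn Request" step in that chain is a workflow triggered by pull_request_target (which runs with the base repository's secrets and a write-capable GITHUB_TOKEN) that also checks out the pull request's head and runs install scripts, so a fork PR gets code execution in the privileged context; if the job additionally holds id-token: write, the OIDC token it can mint is what publishes to npm. The script below is an added example, not code from any of the linked write-ups or from the TanStack project: it greps a checkout's workflow files for that pattern, and the three sample workflows it writes are constructed for the demonstration and are not TanStack's real CI configuration.

```shell
#!/bin/sh
# Added example: audit GitHub Actions workflows for the "Pwn Request" pattern
# (pull_request_target + checkout of the PR head). Sample workflows below are
# constructed for this demo and do not reproduce any real project's CI.

# check_workflow FILE -> 0 clean, 1 Pwn Request, 2 Pwn Request with write/id-token perms
check_workflow() {
  f="$1"
  # pull_request_target is the privileged trigger; plain pull_request gets a
  # read-only token for fork PRs. (workflow_run is similar but not checked here.)
  if ! grep -Eq '(^|[^A-Za-z_])pull_request_target([^A-Za-z_]|$)' "$f"; then
    return 0
  fi
  # Checking out the PR head (by sha, by ref, or refs/pull/N/head) is what hands
  # attacker-controlled code, and its npm lifecycle scripts, to the privileged job.
  if ! grep -Eq 'github\.event\.pull_request\.head\.(sha|ref)|github\.head_ref|refs/pull/[^ ]*/(head|merge)' "$f"; then
    return 0
  fi
  rc=1
  # Write or OIDC permissions turn code execution into credential minting.
  if grep -Eq '^[[:space:]]*(id-token|contents|packages|actions):[[:space:]]*write|^[[:space:]]*permissions:[[:space:]]*write-all' "$f"; then
    rc=2
  fi
  # Caches are scoped per repository, not per trust boundary: an entry written by
  # the untrusted job can later be restored by a release job on the default branch.
  if grep -q 'actions/cache' "$f"; then
    echo "  note: $f restores a cache inside the untrusted job (cache poisoning risk)"
  fi
  return $rc
}

# audit_repo DIR -> walks DIR/.github/workflows and returns the worst finding.
audit_repo() {
  worst=0
  for f in "$1"/.github/workflows/*.yml "$1"/.github/workflows/*.yaml; do
    [ -f "$f" ] || continue
    rc=0
    check_workflow "$f" || rc=$?
    case $rc in
      0) echo "ok    $f" ;;
      1) echo "PWN   $f: pull_request_target checks out PR head" ;;
      2) echo "PWN!  $f: pull_request_target checks out PR head with write/id-token permissions" ;;
    esac
    if [ "$rc" -gt "$worst" ]; then worst=$rc; fi
  done
  return $worst
}

# write_samples DIR -> constructed workflows: weak, hardened, and a legitimate
# pull_request_target use that never checks out PR code.
write_samples() {
  w="$1/.github/workflows"
  mkdir -p "$w"
  cat > "$w/pr-check-weak.yml" <<'EOF'
name: pr-check
on:
  pull_request_target:
permissions:
  contents: write
  id-token: write
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/cache@v4
        with:
          path: ~/.npm
          key: npm-${{ hashFiles('**/package-lock.json') }}
      - run: npm ci
EOF
  cat > "$w/pr-check-hardened.yml" <<'EOF'
name: pr-check
on:
  pull_request:
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci --ignore-scripts
EOF
  cat > "$w/labeler.yml" <<'EOF'
name: labeler
on:
  pull_request_target:
permissions:
  pull-requests: write
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/labeler@v5
EOF
}

case "${1:-}" in
  "") ;;                                                  # no argument: only define functions
  --demo) d=$(mktemp -d); write_samples "$d"; audit_repo "$d" ;;
  *) audit_repo "$1" ;;
esac
```

Run it as `sh audit_workflows.sh /path/to/repo` against a checkout, or with `--demo` to see the three constructed samples scored. The labeler sample is deliberately rated clean: pull_request_target is legitimate when the job never touches PR-controlled code, and the hardened sample shows the fix at the other end, a pull_request trigger with contents: read and install scripts disabled. The grep-based heuristics are a triage aid, not a parser; a workflow that reaches the PR head indirectly (for example through a reusable workflow) will not be caught.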
Detect and mitigate malicious npm packages linked to the latest Mini Shai-Hulud supply chain campaign targeting high-value developer tooling.
Over 400 malicious versions of 170 packages were published as part of the new Mini Shai-Hulud campaign.
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm packages.
We are actively investigating this security incident and sharing our findings here: www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem