Postmortem: TanStack NPM supply-chain compromise

TanStack npm Packages Hit by Mini Shai-Hulud | Snyk

Snyk May 11, 2026

On May 11, 2026, the Mini Shai-Hulud worm compromised 84 npm package artifacts across 42 @tanstack/* packages (as well as @squawk/*, @mistralai/* packages, and others) by chaining a GitHub Actions "Pwn Request," cache poisoning, and OIDC token extraction from runner memory — producing the first npm supply chain attack with valid SLSA Build Level 3 attestations. Here's what happened, what was stolen, and what you need to do right now.

8 inbound links article en developersecuritydevopstecharticlesnyk-open-sourcesnyk-security-intelci-cdscmsbomsupply-chain-securitydevsecopsopen-source-securityvulnerability-insights

Postmortem: TanStack npm supply-chain compromise | TanStack Blog

tanstack.com

On 2026-05-11, an attacker chained a pull_request_target Pwn Request, GitHub Actions cache poisoning across the fork↔base trust boundary, and OIDC token extraction from runner memory to publish 84 malicious versions across 42 @tanstack/* packages on npm. Full postmortem.

35 inbound links

Several npm latest releases are compromised · Issue #7383 · TanStack/router

GitHub TanStack May 11, 2026

We are actively investigating this security incident and sharing our findings here: www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem

12 inbound links object en issue:4423801246