Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised
✦ NabkaNews BriefAuto-summarized from multiple outlets · verify with the source
A malware attack, referred to as Mini Shai-Hulud, has compromised multiple npm packages, including those from TanStack. The attack appears to be a self-spreading supply chain attack, with reports suggesting that hundreds of packages have been affected, although the exact number is unclear. The attack has also been reported to have impacted packages beyond npm, with some sources mentioning the PyPi ecosystem.
Full coverage
12345678