Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
Morning Overview on MSN
The TanStack supply chain attack poisoned 160 npm and PyPI packages — reaching OpenAI, Mistral AI, and UiPath through compromised build pipelines
On May 11, 2026, a self-replicating worm called Mini Shai-Hulud quietly slipped into 42 widely used TanStack open-source ...
Mini Shai-Hulud worm compromises 169 npm packages including TanStack Mistral AI; TeamPCP uses stolen OIDC tokens.
OpenAI said it found no evidence that user data was accessed after a supply-chain attack involving the TanStack npm library. The incident has renewed concerns about the security of open-source ...
Morning Overview on MSN
The 'mini Shai-Hulud' attack hides inside AI coding agent configs — the first supply chain attack to weaponize Claude Code and VS Code as persistence vectors
On April 29, 2026, someone slipped malicious code into four widely used SAP software packages. Within days, the infection had ...
A poisoned open-source dependency let attackers breach two OpenAI employee devices and steal credentials from a limited set of its internal source code repositories, OpenAI confirmed in a May 14, 2026 ...
OpenAI has confirmed the security breach. According to the company, two employee devices were compromised during a large-scale software supply chain attack connected to the TanStack npm ecosystem.
The Korea rollout gives UiPath local cloud infrastructure for enterprises with data-residency needs, making customer adoption ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results