OpenAI caught in TanStack npm supply chain chaos after employee devices compromised

ID: 1082c020-4965-569e-8b8a-c4501d2d5146

STIX ID: report--1082c020-4965-569e-8b8a-c4501d2d5146

Feed Name: The Register (Security)

Threat Score: 72/100

Date Published: 2026-05-15

Date Updated: 2026-05-15

OpenAI was impacted by a TanStack npm supply-chain compromise tied to the "Mini Shai-Hulud" campaign and TeamPCP, in which malicious package updates reached two employee devices and led to limited exfiltration of internal credentials. OpenAI rotated signing certificates for several desktop products and reported no evidence of production or customer data being breached.
