Cache-poisoning caper turns TanStack npm packages toxic
ID: a3dc49a4-7be9-59ad-bfa9-41385e101bd8
STIX ID: report--a3dc49a4-7be9-59ad-bfa9-41385e101bd8
Feed Name: The Register (Security)
An active supply-chain attack published 84 malicious TanStack npm package versions on 2026-05-11. The malicious versions steal credentials (including npm OIDC tokens), harvest files from many common locations, install a dead-man service that can wipe disks, and self-propagate by abusing GitHub Actions/build automation. The packages were detected and deprecated within 30 minutes, but any system that ran npm/pnpm/yarn against an affected version should be considered compromised and its secrets rotated.
