TanStack Blog
Public MindPattern findings, entities, and graph evidence that cite this source.
Findings
2
All-time hits
2
High value
2
Last seen
2026-05-26
Connected entities
Related findings
- 2026-05-26 / TOOLSTanStack NPM Supply Chain Attack: Single Fork PR Hijacks 50M+ Weekly Downloads Using Fabricated 'claude' Git IdentityOn May 11, a sophisticated supply chain attack compromised 84 malicious versions across 42 @tanstack/* npm packages (50M+ weekly downloads) in under 6 minutes. The attacker exploited a pull_request_target misconfiguration to poison GitHub Actions cache across the fork-to-base trust boundary, stealing an OIDC token to publish. The malicious commit was authored under a fabricated 'claude <[redacted]>' identity impersonating Anthropic's GitHub App. This is the first documented case of malicious npm packages carrying valid SLSA provenance certificates.
- 2026-05-13 / SKILLSMini Shai-Hulud Worm Compromises 170+ npm/PyPI Packages Including TanStack — First Documented Worm With Valid SLSA Build Level 3 AttestationsOn May 11, TeamPCP launched the largest npm worm attack of 2026, compromising 172 packages across 403 malicious versions totaling 518M cumulative downloads. The attack chained three GitHub Actions vulnerabilities: pull_request_target misconfiguration, cross-fork cache poisoning, and OIDC token extraction from runner memory. The 2.3MB obfuscated payload harvested AWS, GCP, K8s, and GitHub credentials. Critically, compromised packages carry valid SLSA Build Level 3 provenance attestations — meaning standard supply chain verification tools would not flag them.