This supply chain attack involved the insertion of credential-stealing malware into 84 npm package versions across 42 TanStack packages. The attackers exploited GitHub Actions workflows by chaining vulnerabilities such as the pull_request_target event misuse, cache poisoning, and extracting OIDC tokens from the memory of GitHub runners. The campaign targeted continuous integration systems to steal credentials and exfiltrate data through multiple channels, including typosquatted domains and messaging networks. The adversary, TeamPCP, has a history of compromising developer tools and expanded this campaign to other package repositories beyond npm. The attack affected widely used packages, increasing the potential impact on the developer community.

The campaign compromises developer supply chains by injecting malware into popular npm packages, potentially leading to credential theft from continuous integration environments. This can result in unauthorized access to sensitive systems and data. The affected packages have high download volumes, increasing the risk of widespread exposure. The attack also demonstrates advanced techniques to bypass GitHub Actions security controls. However, no confirmed exploitation in the wild has been reported to date.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Organizations using affected TanStack packages should monitor official communications from package maintainers and GitHub for updates or patches. Review and harden GitHub Actions workflows to mitigate risks related to pull_request_target events and cache poisoning. Rotate any potentially exposed credentials and OIDC tokens. Avoid using packages from suspicious or typosquatted domains such as git-tanstack.com. Since no official fix is documented, prioritize vigilance and follow vendor advisories as they become available.