Threats Tagged 'tanstack'

The Mini Shai-Hulud campaign compromised 84 npm package artifacts in the TanStack namespace with credential-stealing malware targeting continuous integration systems. On May 11, 2026, attackers published 84 malicious versions across 42 TanStack packages by chaining the pull_request_target pattern, GitHub Actions cache poisoning, and extracting OIDC tokens from runner process memory. The attack affected high-profile packages including @tanstack/react-router, which receives over 12 million weekly downloads. Wiz attributes this activity to TeamPCP, which has previously compromised SAP, Checkmarx, Bitwarden and other developer tools. The campaign expanded beyond TanStack to include OpenSearch npm versions, PyPI mistralai packages, and others, using three exfiltration routes including typosquatted domains, Session messenger network, and GitHub API dead drops.

An attacker registered the unscoped 'tanstack' name on npm and published four malicious versions (2.0.4-2.0.7) within 27 minutes on April 29, 2026. These packages contained postinstall hooks that automatically exfiltrated environment files containing sensitive credentials when developers ran npm install. The attacker exploited name confusion with the legitimate @tanstack organization, which publishes widely-used JavaScript libraries. The malicious code targeted .env files, stealing AWS keys, API tokens, database credentials, and OAuth secrets by sending them to an attacker-controlled Svix webhook endpoint. Version 2.0.6 was particularly dangerous, sweeping all .env variants in the working directory. The version history reveals live debugging by the attacker, who iteratively refined the payload targeting and stealth capabilities while the package remained publicly available with approximately 19,830 monthly downloads.