Back to article
TanStack Blog

Postmortem: TanStack NPM supply-chain compromise (opens in new tab)

Covered by 31 sources See all sources covering this story including blef.fr, DEV CommunityDiscussed on Hacker News, Hacker News, Lobsters, r/netsec, r/programming, and DEV

Covered in 37 articles

blef.fr·

We got attacked via GitHub PRs

Discussed on Hacker News
Feeds
DEV Community·

The New Shape of Supply-Chain Trust

Discussed on DEV
Feeds
DEV Community·

Supply Chain Attacks Aren't Just a Big Library Problem — Here's What You Can Do Today

Discussed on DEV
Feeds
DEV Community·

This Week In React #281 : Next.js, TanStack, Security, Redact | Redraw, Expo, Tabs, Screens

Discussed on DEV
Feeds
DEV Community·

Protecting your Node.js project against supply-chain attacks

Discussed on DEV
Feeds
DEV Community·

Deep Dive: TanStack npm supply-chain compromise

Discussed on DEV
Feeds
DEV Community·

The TanStack npm Attack Shows Why pnpm 11 Matters

Discussed on DEV
Feeds
Supabase Blog·

Protecting your Supabase projects from npm supply chain attacks

Feeds
TechCrunch·

OpenAI says hackers stole some data after latest code security issue

Feeds
InfoQ·

TanStack Details Sophisticated npm Supply Chain Attack That Compromised 42 Packages

Feeds

In other languages

blog.cosine.ren·

FE Bits Vol.34 | @antv npm 包供应链攻击,Tailwind v4.3 发布 | 周刊

Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help