Back to article
Comments on:

TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages (opens in new tab)

Covers 4 stories See all stories this covers including Mini Shai-Hulud - TanStack and more npm packages compromised, with SLSA Build Level 3 provenance attestations

Covers 4 related stories

stepsecurity.io·

Mini Shai-Hulud - TanStack and more npm packages compromised, with SLSA Build Level 3 provenance attestations

Discussed on Lobsters
Feeds
Socket·

Tanstack NPM Packages Compromised in Ongoing Supply-Chain Attack

Discussed on Hacker News and r/reactjs
Feeds
Wiz Blog·

Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised

Feeds
cert.europa.eu·

European Commission cloud breach: a supply-chain compromise

Discussed on Hacker News
Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help