When OpenAI engineers discovered that a poisoned update to a widely used JavaScript library had executed on two corporate ...

OpenAI has confirmed two employee devices were affected by the recent TanStack supply chain attack, but stressed the incident ...

On May 11, 2026, a self-replicating worm called Mini Shai-Hulud quietly slipped into 42 widely used TanStack open-source ...

OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and ...

OpenAI said the damage was limited to the employees’ devices, and did not affect user data nor its production systems, and ...

Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June ...

OpenAI has rotated code-signing certificates after code repositories containing them were compromised in the TanStack supply ...

A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain ...

An attacker has published 84 malicious versions of official TanStack npm packages, with the impact including credential theft ...

OpenAI says no user data was accessed in the TanStack npm compromise: two corporate laptops, some credentials, and a forced macOS update.

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...