3 matches found
Exploit for Embedded Malicious Code in Tanstack Tanstack\/Arktype-Adapter
TanStack Supply Chain Compromise - IOC Checker bash curl -...
Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
Summary On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow...
CVE-2026-45321
CVE-2026-45321 is a real npm supply-chain attack affecting 42 TanStack packages where 84 malicious releases were published within ~6 minutes using a legitimate GitHub Actions OIDC trusted-publisher binding. The malicious router_init.js payload exfiltrated credentials (GitHub tokens, cloud keys, S...