TanStack Router hit by massive supply chain attack
The popular TanStack Router framework was the primary target of a sophisticated npm supply chain attack dubbed "Mini Shai-Hulud," which compromised 42 packages across the @tanstack ecosystem and the namespaces of Mistral AI and UiPath. By poisoning the GitHub Actions cache and thereby hijacking the OIDC-based release pipeline, the attackers published 84 malicious versions that carried valid SLSA provenance, harvested cloud credentials, and installed a destructive wiper payload. The TanStack team issued an "All Clear" on May 15, 2026, but the incident marks a significant escalation in the sophistication of npm supply chain attacks.
This attack breaks the "provenance equals safety" mental model: instead of stealing maintainer keys, it subverted the build pipeline itself, so the legitimate pipeline signed the malicious output.
- Attackers bypassed OIDC "trusted publisher" protections by poisoning the pnpm cache, proving that even cryptographically signed releases can be malicious if the build environment is compromised. Provenance attests which workflow produced an artifact, not that the workflow's inputs were trustworthy; a release job that restores a shared cache inherits whatever an earlier job wrote into it.
- The "dead-man's switch" wiper, which deletes the user's home directory when the stolen token is revoked, turns the normal response step (revoking the token) into the trigger: a layer of retaliation designed to deter incident response.
- The malware's worm behavior, which uses stolen tokens to publish infected versions of other packages the victim maintains, creates a recursive threat that can cascade across the npm registry.
- This event will likely accelerate the adoption of "dependency cooldowns" (refusing to install versions published within the last few days) and of package managers such as Bun that do not run lifecycle scripts by default.
DISCOVERED: 2026-05-15
PUBLISHED: 2026-05-15
AUTHOR: Theo - t3.gg