Breaking
Technology
TanStack Supply Chain Attack Exploited GitHub Actions to Publish 84 Malicious npm Packages in Six Minutes
Coordinated breach weaponised OIDC tokens and CI/CD automation to compromise 42 packages with credential-harvesting payloads, exposing structural flaws in trusted publishing.
7 min read
·