[SECURITY]■ STORY TIMELINE

NPM SUPPLY CHAIN ATTACK HITS MISTRAL, UIPATH, TANSTACK

Security researchers at Socket have identified a supply chain attack affecting multiple npm packages, including widely-used tools from Mistral, UiPath, and TanStack's react-router. The compromise is attributed to the Mini Shai-Hulud attack campaign.

3 SOURCESFIRST SEEN MAY 11, 11:55 PM► READ THE ARTICLE

Techmeme+0m

Many npm packages for Mistral, UiPath, TanStack's web dev tools like react-router, and more were compromised, likely in the Mini Shai-Hulud supply chain attack (Socket)

Socket: Many npm packages for Mistral, UiPath, TanStack's web dev tools like react-router, and more were compromised, li…

Bleeping Computer+11h 35m

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering cred…

Techmeme+13h 25m

Microsoft says it is investigating a Mistral AI PyPI package v2.4.6 compromise; the attack is likely part of the Mini Shai-Hulud supply chain attack (Etiido Uko/Tom's Hardware)

Etiido Uko / Tom's Hardware: Microsoft says it is investigating a Mistral AI PyPI package v2.4.6 compromise; the attack…

◄ BACK TO ARTICLE