SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
NewsBytes

OpenAI says no user data compromised in supply-chain security incident

OpenAI reported no user data compromise after a supply-chain attack targeting the TanStack npm library, part of the broader ...

OpenAI says no user data stolen after supply-chain hackers accessed employee devices

OpenAI said it found no evidence that user data was accessed after a supply-chain attack involving the TanStack npm library.
Cybernews

Google Cloud developers going bankrupt over Gemini API key abuse: hard spending caps now available

Developers are being hit with massive, unexpected charges, sometimes over $67,000, because Google’s budget alerts and fraud ...

Page 2: OpenTelemetry for MemoryCache

The fourth preview brings new methods to existing classes in the .NET base class library and a new configuration file for ...
OSTechNix

JavaScript Timestamp Bugs: How UTC Mistakes Break Web Apps

Learn how a single JavaScript Date() timezone mistake silently corrupts web apps and how to fix timestamp bugs in JS, Python, ...