Signal

Shai-Hulud supply chain attack compromises TanStack, Mistral, and UiPath packages


Published 2026-05-12 10:10 UTC · Updated 2026-05-12 14:45 UTC
supply_chain_attack · malware · npm · pypi · credential_stealing · software_security
Evidence trail (top sources)
Top sources (3 domains). Domains are deduped; counts indicate coverage, not truth.
3 top sources shown
Mini Shai-Hulud Hits TanStack npm Packages
Infosecurity Magazine · News · infosecurity-magazine.com · 2026-05-12 14:45 UTC
Overview

The Mini Shai-Hulud campaign represents a significant supply chain attack impacting the open-source ecosystem. Attackers published hundreds of malicious package versions, including signed versions of TanStack and Mistral npm packages, as well as components related to UiPath. These compromised packages contain credential-stealing malware aimed at developers, highlighting ongoing risks in software supply chains and the need for enhanced package vetting and security practices.

Entities
TanStack · Mistral AI · UiPath
Score total: 1.27
Momentum 24h: 3
Posts: 3
Origins: 3
Source types: 1
Duplicate ratio: 0%
Why now
  • The attack is recent and affects hundreds of package versions, increasing immediate risk to developers.
  • Popular packages like TanStack and Mistral AI are targeted, impacting many projects relying on them.
  • Ongoing supply chain threats underscore the urgency of improving package security and vetting processes.
Why it matters
  • Supply chain attacks can compromise widely used developer tools, risking large-scale credential theft.
  • Compromised packages in popular repositories like npm and PyPI threaten software integrity and developer trust.
  • Highlights the need for stronger security controls and monitoring in open-source package ecosystems.
LLM analysis
Topic mix: low · Promo risk: low · Source quality: medium
Recurring claims
  • Mini Shai-Hulud campaign compromised hundreds of npm and PyPI packages delivering credential-stealing malware
How sources frame it
  • BleepingComputer: neutral
  • SecurityWeek: neutral
  • Infosecurity Magazine: neutral
All evidence
Mini Shai-Hulud Hits TanStack npm Packages
Infosecurity Magazine · infosecurity-magazine.com · 2026-05-12 14:45 UTC
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
bleepingcomputer_all · bleepingcomputer.com · 2026-05-12 11:29 UTC
TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack
SecurityWeek · securityweek.com · 2026-05-12 10:10 UTC
Posts loaded: 0 · Publishers: 3 · Origin domains: 3 · Duplicates: -
Top publishers (this list)
  • Infosecurity Magazine (1)
  • bleepingcomputer_all (1)
  • SecurityWeek (1)
Top origin domains (this list)
  • infosecurity-magazine.com (1)
  • bleepingcomputer.com (1)
  • securityweek.com (1)