npm Supply Chain Attack Exposes 170+ Packages Including TanStack and Mistral AI—Maintainer Accounts Left Uncompromised

A sweeping npm supply chain attack has surfaced, targeting more than 170 packages with over 400 malicious versions published. The campaign stands out for a critical anomaly: investigators found no evidence that any maintainer accounts were compromised, raising sharp questions about how the malicious code entered the ecosystem. TanStack and Mistral AI emerged as the most recognizable names among the affected projects, triggering heightened scrutiny across the developer community.

Security researchers at SafeDep published detailed findings on the campaign, identifying the scope and distribution pattern of the malicious packages. Unlike typical supply chain intrusions that rely on stolen credentials or account takeovers, this operation apparently leveraged a different insertion mechanism. The absence of compromised maintainer accounts suggests either an exploitation of package publishing infrastructure or abuse of automated build and release pipelines. Researchers are still examining whether the attackers gamed npm's package submission review process or leveraged third-party CI/CD integrations to inject compromised releases.

The incident intensifies pressure on the JavaScript ecosystem's dependency verification practices. TanStack, a widely-used UI component library, and Mistral AI, a prominent artificial intelligence company, both maintain significant downstream usage in production environments. Security teams worldwide are now auditing their dependency trees and package-lock files for indicators of compromise. The attack highlights the persistent vulnerability of open-source registries to typosquatting, dependency confusion, and novel supply chain manipulation techniques, even when the primary credential infrastructure appears untouched. Package registry operators face renewed calls to implement stronger version provenance checks and automated malware detection at publish time.