TanStack npm Supply Chain Breach: 84 Malicious Packages Deployed in Six Minutes, Disk-Wiping Malware Confirmed
A sophisticated supply chain attack compromised 84 versions of TanStack npm packages between 19:20 and 19:26 UTC on May 11, embedding malware capable of credential theft, self-propagation, and complete disk erasure on infected hosts. The campaign, linked to the ongoing Mini Shai-Hulud operation, also targeted packages from OpenSearch client, Mistral AI, UiPath, and Guardrails AI across npm and PyPI repositories. StepSecurity detected and reported the breach within 30 minutes, triggering incident response and npm deprecation of the malicious versions.
The attack vector exploited TanStack's pull request workflow: an attacker submitted a malicious commit via a fork, which triggered auto-run build scripts upon merging the PR. This allowed the malware to compile and distribute directly through TanStack's official build pipeline, bypassing traditional code review checkpoints. GitHub issued a security advisory at 21:30 UTC documenting the affected packages. TanStack founder Tanner Linsley published a postmortem detailing the exploit chain, while Socket confirmed the broader scope of the campaign across multiple high-profile open-source packages.
The incident intensifies pressure on open-source package ecosystem security, particularly npm's dependency on automated build processes. Organizations using TanStack or the additional compromised packages face risks of credential exfiltration and system compromise. Security teams should audit dependencies, revoke potentially exposed secrets, and review CI/CD pipeline configurations for similar PR-based attack surfaces. The rapid detection window demonstrated effective community response, though the attack's sophistication—leveraging trusted development workflows—underscores persistent vulnerabilities in software supply chains.
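The dependency audit recommended above can be scripted against a project's lockfile. The following is an added example, not code from the article, TanStack, StepSecurity or Socket. It walks a `package-lock.json` (lockfileVersion 2/3 layout) and flags an installed version either because it appears in an advisory denylist or because the registry's publish timestamp (the `npm view <package> time --json` output) falls inside the six-minute window the article names. The advisory entries, package names and timestamps below are constructed placeholders, and the year is not stated in the article, so it is passed in by the caller.

```python
"""Audit an npm lockfile for versions that match a supply-chain advisory.

Added example; not code from the article or any of the projects it names.
Assumes package-lock.json in lockfileVersion 2/3 layout ("packages" keyed by
node_modules path). ADVISORY and SAMPLE_TIMES are constructed placeholders:
replace them with the versions from the GitHub advisory and the output of
`npm view <package> time --json` for each package you depend on.
"""
import json
from datetime import datetime, timezone

# Constructed placeholder advisory: package name -> set of malicious versions.
ADVISORY = {
    "@tanstack/example-pkg": {"9.9.9"},  # placeholder, not a real affected version
}


def malicious_window(year):
    """Publish window named in the article: 19:20-19:26 UTC on May 11.

    The article does not give the year, so the caller supplies it.
    """
    return (datetime(year, 5, 11, 19, 20, tzinfo=timezone.utc),
            datetime(year, 5, 11, 19, 26, tzinfo=timezone.utc))


def installed_packages(lock):
    """Yield (path, name, version) for every dependency in the lockfile."""
    for path, meta in lock.get("packages", {}).items():
        if not path:  # "" is the root project itself, not a dependency
            continue
        # Aliased packages carry an explicit name; otherwise derive it from the
        # last node_modules/ segment so nested installs resolve correctly.
        name = meta.get("name") or path.split("node_modules/")[-1]
        yield path, name, meta.get("version")


def published_in_window(time_meta, version, start, end):
    """time_meta maps version -> ISO-8601 publish time (npm 'time' metadata)."""
    stamp = time_meta.get(version)
    if stamp is None:
        return False
    published = datetime.fromisoformat(stamp.replace("Z", "+00:00"))
    return start <= published <= end


def audit(lock, advisory, registry_times, start, end):
    """Return one finding per installed version that matches the advisory
    denylist or was published inside the malicious window."""
    findings = []
    for path, name, version in installed_packages(lock):
        reasons = []
        if version in advisory.get(name, ()):
            reasons.append("listed in advisory")
        if published_in_window(registry_times.get(name, {}), version, start, end):
            reasons.append("published inside malicious window")
        if reasons:
            findings.append({"path": path, "name": name,
                             "version": version, "reasons": reasons})
    return findings


def load_lockfile(path):
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


# Constructed sample lockfile: one denylisted version, one version whose
# (placeholder) publish time sits inside the window, and one clean package.
SAMPLE_LOCK = {
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/@tanstack/example-pkg": {"version": "9.9.9"},
        "node_modules/@tanstack/example-pkg-two": {"version": "2.0.0"},
        "node_modules/left-pad": {"version": "1.3.0"},
    },
}

# Constructed registry 'time' metadata; 2025 is a placeholder year.
SAMPLE_TIMES = {
    "@tanstack/example-pkg-two": {
        "1.9.0": "2025-04-01T00:00:00.000Z",
        "2.0.0": "2025-05-11T19:23:10.000Z",
    },
}

if __name__ == "__main__":
    start, end = malicious_window(2025)
    for finding in audit(SAMPLE_LOCK, ADVISORY, SAMPLE_TIMES, start, end):
        print(f"{finding['path']} {finding['version']}: "
              + "; ".join(finding["reasons"]))
```

In a real run, replace `SAMPLE_LOCK` with `load_lockfile("package-lock.json")`, populate `ADVISORY` from the published list of affected versions, and feed each package's `npm view <package> time --json` output into the `registry_times` map; a hit on either check is a reason to treat the host's credentials and CI secrets as exposed until the version is confirmed clean.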