A massive supply chain breach has rocked the developer community after malicious actors compromised 84 npm packages within the widely used TanStack ecosystem. The attackers injected a sophisticated credential-stealing payload designed to silently harvest secrets from continuous integration environments, including GitHub Actions pipelines. Packages such as React Router, downloaded over 12 million times weekly, were […]
The post 84 TanStack npm Packages Compromised in Ongoing Supply-Chain Attack Targeting CI Credentials appeared first on Cyber Security News.