Shai-Hulud Part 2: When the Worm Forged Its Own Security Certificate by Lucie Cardiet

Crypto Briefingsupply chain attack mistral ai uipath tanstack

TanStack, Mistral AI, UiPath targeted in major supply chain attack compromising 170+ packages

The attack highlights the critical need for enhanced security measures in software supply chains to protect digital asset infrastructures. The post TanStack, Mistral AI, UiPath targeted in major supply chain attack compromising 170+ packages appeared first on Crypto Briefing.

May 14, 1:33 AM

InfoWorld AIsupply chain attack npm pypi react

Mistral AI SDK, TanStack Router hit in npm software supply chain attack

The TeamPCP threat group has pulled off another big supply chain attack which within a few hours this week was able to successfully compromise 170 Node Package Manager (npm) and PyPI packages. The attack affected the entire TanStack Router ecosystem (@tanstack) of 42 packages, a routing library hugely popular among React web application developers. Multiple other packages were also affected, including @squawk (87 packages), @uipath (66 packages), @tallyui (30 packages), @beproduct (18 packages), as well as Mistral AI’s SDK suite on both npm and PyPI, and the Guardrails AI PyPI package. The attacks, noticed by several vendors using automated security tools, happened on May 11, spreading rapidly through package ecosystems thanks to the worm capabilities of the automated Mini Shai-Hulud malware platform, analysis found. The exact number of package versions caught up in the attack varies depending on the source; according to Aikido Security it was 373 across 169 package namespaces, while S

May 12, 5:19 PM

Live Bitcoin Newsnpm tanstack github oidc tokens cloud keys

The npm Package That Wipes Your Files When You Try to Stop It

An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a dead-man’s switch that nukes your system. The attacker’s timing was specific. A fork, a hidden commit, a zero-diff pull request, and then nothing visible for nearly eight hours. On May 11, between 19:20 and 19:26 […] The post The npm Package That Wipes Your Files When You Try to Stop It appeared first on Live Bitcoin News.

May 12, 1:00 PM

Vectra.ai Blogattackers mfa sign-ins credential-based threats

Attackers Don’t Hack In — They Log In: The MFA Blind Spot by Lucie Cardiet

Attackers bypass MFA using non-interactive sign-ins. Learn how to detect and stop credential-based threats before they escalate.

Apr 16, 12:00 AM

Vectra.ai Bloglucie cardiet supply chain data theft saas

The rise of supply chain-driven data theft in SaaS environments by Lucie Cardiet

Supply chain attacks are shifting from exploits to access reuse. Learn how stolen tokens, SaaS integrations, and fragmented visibility enable data theft without triggering traditional detection.

Apr 14, 12:00 AM

Vectra.ai Blogcode execution attackers axios npm package

Breaking down the axios supply chain incident by Lucie Cardiet

A compromised npm package is only the entry point. The axios incident shows how quickly attackers pivot from code execution to credential abuse, identity misuse, and cloud access.

Apr 1, 12:00 AM