gl o
signal
← All stories
Signal 2 sources ·

Several npm packages for the TanStack web development tools were compromised in the Mini Shai-Hulud supply chain attack; Mistral packages were also affected

- Immediate triage: Run shasum -a 256 on all router_init.js files in your dependency tree.
Several
Covered by: techmeme hackernews
Read on socket.dev →