Tuesday, May 12, 2026

in-security: TanStack npm supply-chain compromise

danger!

 Postmortem: TanStack npm supply-chain compromise | TanStack Blog


What the malware does?
When a developer or CI environment runs npm install, pnpm install, or yarn install against any affected version, npm resolves the malicious optionalDependencies entry, fetches the orphan payload commit from the fork network, runs its prepare lifecycle script, and executes a ~2.3 MB obfuscated router_init.js smuggled into the affected tarball. The script:

  • Harvests credentials from common locations: AWS IMDS / Secrets Manager, GCP metadata, Kubernetes service-account tokens, Vault tokens, ~/.npmrc, GitHub tokens (env, gh CLI, .git-credentials), SSH private keys
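An added example, not code from the TanStack postmortem: a Node.js check that flags dependency specs resolving to a git host or URL instead of the npm registry, which is the route the excerpt above describes for the optionalDependencies entry. The sample manifest, its package names and the commit hash are constructed placeholders.

```javascript
// Added example (not TanStack's code): flag dependency specs that resolve
// outside the npm registry, the shape of the install path described above.
const DEP_FIELDS = ['dependencies', 'devDependencies', 'optionalDependencies'];

// Spec shapes npm fetches from git hosts or URLs instead of the registry.
const NON_REGISTRY = [
  /^git(\+(ssh|https?|file))?:/i,          // git+https://..., git://...
  /^(github|gitlab|bitbucket|gist):/i,     // github:owner/repo#ref
  /^https?:\/\//i,                         // remote tarball URL
  /^[a-z0-9_-][\w.-]*\/[\w.-]+(#.+)?$/i,   // owner/repo#ref shorthand
];

function auditManifest(manifest) {
  const findings = [];
  for (const field of DEP_FIELDS) {
    for (const [name, spec] of Object.entries(manifest[field] || {})) {
      if (typeof spec !== 'string') continue;
      if (!NON_REGISTRY.some((re) => re.test(spec))) continue;
      findings.push({
        package: manifest.name || '(unnamed)',
        field, name, spec,
        // A bare commit hash as the ref can name a commit that sits on no
        // branch of the repository, so reviewing its branches will not show it.
        commitPinned: /#[0-9a-f]{7,40}$/i.test(spec),
        // npm tolerates failures of optional dependencies, so a payload that
        // breaks or disappears does not make the install fail visibly.
        severity: field === 'optionalDependencies' ? 'high' : 'review',
      });
    }
  }
  return findings;
}

// Constructed sample manifest; every name and the hash are placeholders.
const SAMPLE = {
  name: 'example-affected-package',
  dependencies: { 'example-lib': '^1.2.3', 'example-alias': 'npm:@example/real@2.0.0',
                  'example-local': 'file:../local', 'example-ws': 'workspace:*' },
  optionalDependencies: {
    'example-helper': 'github:example-owner/example-fork#0123456789abcdef0123456789abcdef01234567',
  },
};

for (const f of auditManifest(SAMPLE)) {
  console.log(`[${f.severity}] ${f.package}: ${f.field}.${f.name} -> ${f.spec}`);
}
```

To audit an installed tree, parse each package.json under node_modules and pass the object to auditManifest.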


 TanStack & MANY more packages affected - a deep dive & analysis - YouTube by MaxS

This video discusses an active and large-scale supply chain attack targeting the TanStack ecosystem, which has since spread to other npm packages and the Python ecosystem. The malware functions as a worm, harvesting sensitive credentials like npm tokens, GitHub tokens, and AWS secrets from compromised machines, then using them to publish further malicious packages.

Key takeaways:

  • Attack Vector: The attackers exploited the GitHub Actions "pull request target" pattern, poisoning the project's cache to inject malicious code into the CI/CD pipeline of the base repository.
  • Exfiltration and Propagation: Once inside a CI/CD workflow, the malware steals short-lived tokens, allowing the attacker to publish malicious versions of packages automatically.
  • Security Recommendations:
    • Avoid installing new packages while the attack is ongoing.
    • Run development environments in isolated virtual machines or dev containers rather than directly on your host system.
    • Use secure secret management (e.g., Doppler or Infisical) instead of storing raw credentials on disk.
    • Configure package managers (like bun or pnpm) to block post-install scripts and enforce minimum package release age policies.
  • Current Status: While the TanStack maintainers identified and contained the threat quickly, the attack is still propagating to other ecosystems. Security best practices, such as monitoring network traffic and reviewing CI/CD workflows, are essential for defense.


And similar cheating is happening with AI, and with pre-trading AI stocks, too...
Nothing is safe and secure anymore?

this is really bad... - YouTube

WTF is going on at Anthropic?! - YouTube by MattB.


