Skip to content
The Nexus
SECURITYMay 12 · 08:50 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP has compromised npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a Mini Shai-Hulud campaign. The affected packages include an obfuscated JavaScript file designed to profile execution. This compromise is part of a recent supply chain attack spree.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this