npm · @tanstack/* · CVE-2026-45321
**Name of the Vulnerable Software and Affected Versions**
TanStack (affected versions not specified)
**Description**
A supply chain attack involving a self-propagating worm known as Mini Shai-Hulud allowed the publication of malicious versions of 42 `@tanstack/*` packages to the npm registry. The attacker chained three issues: a `pull_request_target` misconfiguration in a GitHub Actions workflow, GitHub Actions cache poisoning across the fork-to-base trust boundary, and extraction of the OIDC token from the memory of the running Actions runner process. This enabled the publication of malware under a trusted identity with valid SLSA Build Level 3 provenance attestations.
The malware uses an obfuscated JavaScript file named `router_init.js` to harvest sensitive data, including AWS, GCP, and Kubernetes credentials, GitHub and npm tokens, SSH private keys, and cryptocurrency wallets. Stolen data is exfiltrated via the Session/Oxen messenger network using endpoints such as 'filev2.getsession.org'. The worm is self-propagating: it uses stolen credentials to compromise other packages maintained by the victim. It also establishes persistence through a `gh-token-monitor` daemon and injections into VS Code and Claude Code settings.
Real-world impacts include the compromise of tens of thousands of systems, with confirmed victims such as OpenAI (stolen code-signing certificates), Mistral AI (SDK contamination), and GitHub (breach of 3,800 internal repositories).
**Recommendations**
- Update to the patched version for each affected package and reinstall from a clean lockfile.
- Pin `@tanstack/*` dependencies to known-good versions published before 2026-05-11 19:00 UTC.
- Delete `node_modules` and the lockfile before reinstalling to prevent transitive dependency resolution to malicious versions.
- Configure npm to skip lifecycle scripts by using `npm config set ignore-scripts true` as a temporary defense.
- Remove `gh-token-monitor` daemons and rotate all credentials accessible to the install process if a compromise is suspected.
- Monitor CI runners for DNS queries to 'getsession.org'.
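The pinning step above requires knowing which `@tanstack/*` versions in a project were published after the cutoff. The following is an added example (not code from the advisory or from the TanStack project) that reads a lockfileVersion 2/3 `package-lock.json`, collects every pinned `@tanstack/*` version, and flags those whose registry publish time (the `time` map from `npm view <pkg> time --json`) is at or after 2026-05-11 19:00 UTC; the lockfile and timestamps below are constructed sample data.

```python
# Added example: audit a package-lock.json for @tanstack/* versions published
# at or after the advisory's cutoff. Not code from the advisory or from TanStack.
import json
from datetime import datetime, timezone

# Cutoff from the advisory: versions published before this are treated as known-good.
CUTOFF = datetime(2026, 5, 11, 19, 0, tzinfo=timezone.utc)


def tanstack_versions(lock: dict) -> dict:
    """Map each @tanstack/* name to the set of versions pinned in a
    lockfileVersion 2/3 'packages' map (nested node_modules paths included)."""
    found = {}
    for path, meta in lock.get("packages", {}).items():
        # Keys look like "node_modules/@tanstack/query-core" or
        # "node_modules/foo/node_modules/@tanstack/query-core"; keep the last segment.
        _head, sep, name = path.rpartition("node_modules/")
        if sep and name.startswith("@tanstack/") and "version" in meta:
            found.setdefault(name, set()).add(meta["version"])
    return found


def published_after(times: dict, version: str, cutoff: datetime = CUTOFF) -> bool:
    """'times' is the version -> ISO-8601 map printed by `npm view <pkg> time --json`.
    A version with no recorded publish time is treated as suspect."""
    ts = times.get(version)
    if ts is None:
        return True
    return datetime.fromisoformat(ts.replace("Z", "+00:00")) >= cutoff


def audit(lock: dict, registry_times: dict) -> list:
    """Return sorted (name, version) pairs that should be rolled back or reviewed."""
    flagged = []
    for name, versions in tanstack_versions(lock).items():
        for v in versions:
            if published_after(registry_times.get(name, {}), v):
                flagged.append((name, v))
    return sorted(flagged)


# Constructed sample data: a minimal lockfile plus the 'time' maps an operator
# would fetch with `npm view <pkg> time --json` for each name in the lockfile.
SAMPLE_LOCK = {"lockfileVersion": 3, "packages": {
    "": {"name": "app"},
    "node_modules/@tanstack/query-core": {"version": "5.60.0"},
    "node_modules/@tanstack/react-query": {"version": "5.60.1"},
    "node_modules/left-pad": {"version": "1.3.0"},
}}
SAMPLE_TIMES = {
    "@tanstack/query-core": {"5.60.0": "2026-05-11T18:30:00.000Z"},
    "@tanstack/react-query": {"5.60.1": "2026-05-11T19:05:00.000Z"},
}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_LOCK, SAMPLE_TIMES)))
```

In practice, load the real `package-lock.json` with `json.load` and fill `registry_times` from `npm view <pkg> time --json` for each name returned by `tanstack_versions`.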