Malicious npm Packages With Valid SLSA Provenance: Inside the TanStack Attack
A sophisticated attack campaign, dubbed "Mini Shai-Hulud" by the group TeamPCP, has successfully compromised numerous open-source packages across npm and PyPI, including prominent ones like TanStack, Mistral AI, and UiPath. The attackers exploited weaknesses in GitHub Actions to publish malicious versions of packages with valid SLSA provenance, a security measure previously thought to guarantee the integrity of the build process. This marks the first documented instance of malicious packages bypassing SLSA Build Level 3, raising significant concerns about software supply chain security.
AI IMPACT: Undermines trust in software supply chains, potentially slowing adoption of AI tools reliant on open-source components.
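What a consumer-side policy check on provenance can look like, as an added example that is not from the original article or from any affected project: it evaluates the claims in an already signature-verified SLSA v1 statement against a pinned repository, workflow, ref and trigger. The policy values, package name and digest are constructed placeholders, and a build tampered with inside the expected workflow would still satisfy such a check, which is why valid provenance alone does not establish that a package is benign.

```javascript
// Added example. POLICY and both statements are constructed placeholders.
// Assumes the attestation signature was already verified and the statement decoded.
const POLICY = {
  repository: "https://github.com/example-org/example-pkg",
  workflowPath: ".github/workflows/release.yml",
  refPattern: /^refs\/tags\/v\d+\.\d+\.\d+$/, // releases are cut from version tags
  events: ["push", "release"],
  builderId: "https://github.com/actions/runner/github-hosted",
};

// Returns a list of policy violations; an empty list means "matches policy".
function checkProvenance(statement, tarballSha512, policy = POLICY) {
  const failures = [];
  const pred = statement.predicate ?? {};
  const wf = pred.buildDefinition?.externalParameters?.workflow ?? {};
  const event = pred.buildDefinition?.internalParameters?.github?.event_name;
  if (statement.predicateType !== "https://slsa.dev/provenance/v1")
    failures.push("predicateType");
  // The attestation must be about the tarball actually being installed.
  if (!(statement.subject ?? []).some((s) => s.digest?.sha512 === tarballSha512))
    failures.push("subject digest");
  if (wf.repository !== policy.repository) failures.push("repository");
  if (wf.path !== policy.workflowPath) failures.push("workflow path");
  if (!policy.refPattern.test(wf.ref ?? "")) failures.push("ref");
  if (!policy.events.includes(event)) failures.push("trigger event");
  if (pred.runDetails?.builder?.id !== policy.builderId) failures.push("builder");
  return failures;
}

// Builds a constructed SLSA v1 statement in the GitHub Actions workflow build type.
function makeStatement(ref, event, sha512) {
  return {
    _type: "https://in-toto.io/Statement/v1",
    subject: [{ name: "pkg:npm/example-pkg@1.2.3", digest: { sha512 } }],
    predicateType: "https://slsa.dev/provenance/v1",
    predicate: {
      buildDefinition: {
        buildType: "https://slsa-framework.github.io/github-actions-buildtypes/workflow/v1",
        externalParameters: { workflow: { ref, repository: POLICY.repository, path: POLICY.workflowPath } },
        internalParameters: { github: { event_name: event } },
      },
      runDetails: { builder: { id: POLICY.builderId } },
    },
  };
}
const DIGEST = "ab".repeat(64); // constructed placeholder, not a real hash
const release = makeStatement("refs/tags/v1.2.3", "push", DIGEST);
const offPolicy = makeStatement("refs/heads/tmp-branch", "workflow_dispatch", DIGEST);
console.log(checkProvenance(release, DIGEST), checkProvenance(offPolicy, DIGEST));
```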