ENTITY Tanstack

Tanstack

PulseAugur coverage of Tanstack — every cluster mentioning Tanstack across labs, papers, and developer communities, ranked by signal.

Total · 30d

10

10 over 90d

Releases · 30d

0

0 over 90d

Papers · 30d

0

0 over 90d

TIER MIX · 90D

TOPICS

RELATIONSHIPS

used by Node Package Manager 70%

SENTIMENT · 30D

1 day(s) with sentiment data

RECENT · PAGE 1/1 · 10 TOTAL

RESEARCH · CL_68784 · Jun 3 · 08:28

Malicious packages with valid provenance exploit GitHub Actions flaws

A sophisticated attack campaign, dubbed "Mini Shai-Hulud" by the group TeamPCP, has successfully compromised numerous open-source packages across npm and PyPI, including prominent ones like TanStack, Mistral AI, and UiP…
TOOL · CL_52903 · May 26 · 18:01

AI developer tools expand attack surface, demanding new incident response

Recent AI developer supply chain incidents, like the May 2026 Mini Shai-Hulud wave, highlight a new reality where AI tools, packages, and CI systems are interconnected. Compromised AI SDKs, editor extensions, or package…
RESEARCH · CL_49093 · May 25 · 08:45

TeamPCP exploits GitHub, Grafana, and VS Code in supply chain attacks

A coordinated series of cyberattacks, attributed to the group TeamPCP, has exploited vulnerabilities across the software supply chain. These attacks, which began with a malicious VS Code extension on a GitHub employee's…
TOOL · CL_45596 · May 23 · 08:17

Perplexity open-sources Bumblebee to scan developer endpoints for supply-chain attacks

Perplexity has open-sourced Bumblebee, a new tool designed to scan developer endpoints for potential supply-chain attack vectors. This read-only scanner inventories installed packages, AI agent configurations, and edito…
TOOL · CL_37165 · May 18 · 14:15

TanStack considers invite-only PRs after supply chain attack

The open-source project TanStack is considering implementing invitation-only pull requests following a supply chain attack. A malicious worm exploited a GitHub Actions misconfiguration to poison a shared cache, compromi…
TOOL · CL_33643 · May 15 · 19:15

OpenAI confirms breach after TanStack supply chain attack

OpenAI has confirmed a security breach resulting from a supply chain attack targeting TanStack. The incident led to unauthorized access to two employee workstations, with a portion of authentication information being co…
RESEARCH · CL_32118 · May 14 · 18:35

Anthropic's Opus 4.7 shows improved performance, gains 'fast mode'

Anthropic has released a faster version of its Opus 4.7 model, which some users are finding to be an improvement over previous iterations and even competing models like GPT-5.5. The enhanced performance is noted in area…
TOOL · CL_31965 · May 14 · 17:25

Hackers steal OpenAI code via TanStack library vulnerability

Hackers accessed a portion of OpenAI's codebase by exploiting a vulnerability in the TanStack software library. The company has stated that no user data or production systems were compromised during the incident. In res…
TOOL · CL_30904 · May 13 · 00:00

OpenAI responds to TanStack supply chain attack, confirms no data breach

OpenAI has detailed its response to the "Mini Shai-Hulud" supply chain attack targeting the popular npm package TanStack. The company's security team investigated internal systems after the attack, which affected multip…
SIGNIFICANT · CL_28505 · May 12 · 11:53

TeamPCP hackers breach GitHub internal repos via malicious VS Code extension

The hacker group TeamPCP has breached GitHub's internal repositories, potentially compromising source code after a GitHub employee installed a malicious VS Code extension. The group claims to have exfiltrated approximat…