Actively Exploited CVEs: Daemon Tools Lite, TanStack, Nx Console
CISA added three vulnerabilities—CVE-2026-8398, CVE-2026-45321, CVE-2026-48027—to its KEV Catalog due to active exploitation. Prioritize patching.
GitHub Repository Breach Linked to TanStack Supply Chain Attack
GitHub confirms the breach of 3,800 internal repositories via a compromised VS Code extension linked to the TanStack npm supply chain attack.
Grafana Breach After TanStack Attack: Token Rotation Failure
Grafana suffered a data breach due to a GitHub workflow token not rotated after the TanStack npm supply-chain attack, impacting user data. Learn the details.

OpenAI Employee Devices Targeted in TanStack Supply Chain Attack
OpenAI reports compromise of two employee macOS devices via the TanStack supply chain attack. Learn how to detect and mitigate the Mini Shai-Hulud threat.
OpenAI Breach: TanStack Supply Chain Attack Impacts Employee Devices
OpenAI confirms two employee devices compromised in a TanStack supply chain attack affecting npm and PyPI packages, prompting certificate rotation.
Shai-Hulud Supply Chain Attack: Malicious npm and Mistral Packages
The Shai-Hulud campaign targets developers with over 300 signed npm and PyPI packages impersonating TanStack and Mistral to steal sensitive credentials.