しぃアンテナ(*゚ー゚)

読込中...

2026年5月12日火曜日

Postmortem: TanStack npm supply-chain compromise | TanStack Blog

by Tanner Linsley on May 11, 2026. Last updated: 2026-05-11 TL;DR# On 2026-05-11 between 19:20 and 19:26 UTC, an attacker published 84 malicious versions across 42 @tanstack/* npm packages by combining: the pull_request_target "Pwn Request" pattern, GitHub Actions cache poisoning across the fork↔...

Posted from: this blog via Microsoft Power Automate.

投稿者 時刻:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)