TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

By rooter

TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign.
The affected npm packages have been modified to include an obfuscated JavaScript file (“router_init.js”) that’s designed to profile the execution

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

AI Will Absorb 99.98% of SOC Triage Within a Year, as 79% of IT teams brace for AI-driven workload shift

rooter
Cyber Security

GDPR FAQ

rooter
Cyber Security

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

rooter

Leave a Reply

You Missed

Cyber Security

AI Will Absorb 99.98% of SOC Triage Within a Year, as 79% of IT teams brace for AI-driven workload shift

Cyber Security

GDPR FAQ

News

These new Roombas are smaller and cheaper

News

‘Daybreak’: OpenAI’s Answer to Anthropic’s Project Glasswing Has Arrived