How Tanstack Was Hijacked 12m Downloads

Media Summary: Try Seer Agent for free - It uses all of Sentry's context on your app to investigate production issues for you. Shai Hulud is back for round four, and this time it hit New week, new HUGE supply chain attack. Likely still ongoing, MANY packages are affected. I take a look at what's happening ...

How Tanstack Was Hijacked 12m Downloads - Detailed Analysis & Overview

Try Seer Agent for free - It uses all of Sentry's context on your app to investigate production issues for you. Shai Hulud is back for round four, and this time it hit New week, new HUGE supply chain attack. Likely still ongoing, MANY packages are affected. I take a look at what's happening ... Get 20% off Mobbin Pro to make your apps not ugly - Yesterday, npm got rocked by a record-breaking ... Learn to build full-stack apps with Payload — Get early access to videos and ... Significant supply-chain attack involving the Mini Shai-Hulud malware, which compromised over 160 npm packages, most notably ...

Photo Gallery

A single PR just hijacked the NPM registry...

TanStack was compromised, and it's bad

They Hit TanStack. 518 Million Downloads. And the Security Cert Was Real.

The NPM Worm Is Back And It's So Much Worse (TanStack Hacked)

Beware if you are using tanstack

Avoid This TanStack Mistake!

TanStack & MANY more packages affected - a deep dive & analysis

The largest supply-chain attack ever…

Mini Shai-Hulud: The Most Sophisticated NPM Supply Chain Attack of 2026

TanStack Supply Chain Attack Explained | How One npm Install Compromised Developers

TanStack Start in 90 seconds

TanStack Supply Chain Compromise: Analysis and Postmortem

View Detailed Profile

A single PR just hijacked the NPM registry...

A single PR just hijacked the NPM registry...

Try Seer Agent for free - https://sentry.io/fireship. It uses all of Sentry's context on your app to investigate production issues for you.

TanStack was compromised, and it's bad

TanStack was compromised, and it's bad

https://

They Hit TanStack. 518 Million Downloads. And the Security Cert Was Real.

They Hit TanStack. 518 Million Downloads. And the Security Cert Was Real.

TeamPCP is back. On May 11th they

The NPM Worm Is Back And It's So Much Worse (TanStack Hacked)

The NPM Worm Is Back And It's So Much Worse (TanStack Hacked)

Shai Hulud is back for round four, and this time it hit

Beware if you are using tanstack

Beware if you are using tanstack

TanStack

Avoid This TanStack Mistake!

Avoid This TanStack Mistake!

TanStack

TanStack & MANY more packages affected - a deep dive & analysis

TanStack & MANY more packages affected - a deep dive & analysis

New week, new HUGE supply chain attack. Likely still ongoing, MANY packages are affected. I take a look at what's happening ...

The largest supply-chain attack ever…

The largest supply-chain attack ever…

Get 20% off Mobbin Pro to make your apps not ugly - https://mobbin.com/fireship Yesterday, npm got rocked by a record-breaking ...

Mini Shai-Hulud: The Most Sophisticated NPM Supply Chain Attack of 2026

Mini Shai-Hulud: The Most Sophisticated NPM Supply Chain Attack of 2026

On May 11, 2026, the

TanStack Supply Chain Attack Explained | How One npm Install Compromised Developers

TanStack Supply Chain Attack Explained | How One npm Install Compromised Developers

The recent

TanStack Start in 90 seconds

TanStack Start in 90 seconds

Learn to build full-stack apps with Payload — https://nlvcodes.com/courses/payload-essentials Get early access to videos and ...

TanStack Supply Chain Compromise: Analysis and Postmortem

TanStack Supply Chain Compromise: Analysis and Postmortem

Significant supply-chain attack involving the Mini Shai-Hulud malware, which compromised over 160 npm packages, most notably ...

The perfect npm attack by hackers | Tanstack is hacked

The perfect npm attack by hackers | Tanstack is hacked

TanStack