OpenAI Responds to TanStack npm Supply Chain Attack
Severity: Medium (Score: 54.9)
Sources: Technadu, Openai, News.Az, Cryptopolitan, www.reuters.com
Summary
On May 11, 2026, OpenAI identified a supply chain attack involving the TanStack npm library, part of a broader campaign called Mini Shai-Hulud. Two employee devices were compromised, leading to the exfiltration of limited credential material from internal repositories. OpenAI confirmed that no user data, production systems, or intellectual property were accessed or altered during the incident. The attackers exploited TanStack's legitimate release pipeline to publish 84 malicious packages across 42 npm packages. As a precaution, OpenAI is rotating its code-signing certificates, which requires macOS users to update their applications by June 12, 2026. The company engaged a third-party forensics firm to assist with the investigation and has implemented measures to prevent future incidents.
Key Points
- OpenAI confirmed no user data was accessed during the TanStack npm supply chain attack.
- The attack involved the publication of 84 malicious packages exploiting TanStack's release pipeline.
- macOS users must update their applications by June 12, 2026, due to compromised code-signing certificates.
Key Entities
- Malware (attack_type)
- Supply Chain Attack (attack_type)
- Worm (attack_type)
- Mini Shai-Hulud (malware)
- Shai-hulud 2.0 (malware)
- Mini-Shai-Hulud (campaign)
- Aqua Security (company)
- Guardrails AI (company)
- Mistral AI (company)
- OpenAI (company)
- TanStack (company)
- Bitwarden (tool)
- OpenSearch (tool)
- Codex CLI (tool)
- Npm (tool)
- SSH (tool)
- CWE-200 - Exposure of Sensitive Information (cwe)
- news.az (domain)
- our.no (domain)
- T1003 - OS Credential Dumping (mitre_attack)
- T1041 - Exfiltration Over C2 Channel (mitre_attack)
- T1059 - Command and Scripting Interpreter (mitre_attack)
- T1195 - Supply Chain Compromise (mitre_attack)
- Android (platform)
- Atlas (platform)
- ChatGPT Desktop (platform)
- Codex App (platform)
- GitHub (platform)