TanStack tightens security measures after supply chain attacks. Pull requests may soon only be possible by invitation.

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...

Web applications rely on multiple layers of infrastructure to process user requests efficiently. Load balancers, reverse proxies, caching servers, and application servers all work together to improve ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

OpenAI reported no user data compromise after a supply-chain attack targeting the TanStack npm library, part of the broader ...

OpenAI said it found no evidence that user data was accessed after a supply-chain attack involving the TanStack npm library.

A Canadian company providing online privacy and security tools says it would leave the country over a federal bill that could ...

On May 11, 2026, a self-replicating worm called Mini Shai-Hulud quietly slipped into 42 widely used TanStack open-source ...

A poisoned open-source dependency let attackers breach two OpenAI employee devices and steal credentials from a limited set of its internal source code repositories, OpenAI confirmed in a May 14, 2026 ...

Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings ...