The popular JavaScript library suite 'TanStack,' which is downloaded millions of times every week, has been hit by a supply chain attack; development environments with the problematic version installed are at risk of having their credentials leaked.

A supply chain attack was carried out against TanStack, a set of libraries widely used in JavaScript and React development, by releasing malware-infused versions of its npm packages. According to TanStack's official post-incident report, on May 11, 2026, the attackers released versions containing a total of 84 malicious code snippets across 42 TanStack-related packages.
Postmortem: TanStack npm supply-chain compromise | TanStack Blog

TeamPCP's Mini Shai-Hulud Is Back: A Self-Spreading Supply Chain Attack Compromises TanStack npm Packages - StepSecurity
https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
TanStack is an open-source project known for its 'TanStack Router,' 'TanStack Query,' and 'TanStack Table' packages. TanStack-related packages, available on npm, are downloaded millions of times every week and are widely incorporated into the development environments of front-end developers and enterprises. The attackers exploited the trust placed in these popular packages, so that the malware ran simply when developers installed the packages as usual.
The attack exploited GitHub Actions, the mechanism that automates testing, building, and publishing to npm. The attackers reportedly injected malicious code into part of the release process by sending a pull request to the TanStack repository from an external source. The packages containing the malicious code were then published to npm through what appeared to be a normal release process.
In environments where the problematic version is installed, there is a risk that cloud service credentials, GitHub tokens, npm tokens, SSH private keys, Kubernetes-related tokens, and other sensitive information may be stolen. In other words, the damage could spread not only to the developer's PC but also to the CI environment and internal company systems.
Furthermore, the malware also had the ability to use stolen credentials to spread infection to other npm packages. Security firm StepSecurity reported that similar attacks spread to projects other than TanStack, explaining that it was not just a single package tampering attack, but a worm-type attack targeting the entire npm ecosystem.

TanStack has officially deprecated the problematic versions and asked npm to remove them. It has also implemented preventative measures, such as clearing the GitHub Actions cache and reviewing workflow settings.
StepSecurity recommends that developers check their project's lock files, such as package-lock.json, pnpm-lock.yaml, and yarn.lock, for any problematic TanStack-related packages. If 'router_init.js' or '@tanstack/setup' is present in node_modules, it may indicate that a version containing malicious code has been installed.
If you suspect you've installed a problematic version, simply updating the package isn't enough. TanStack officially advises treating affected environments as compromised and urges users to rotate their credentials for GitHub, npm, AWS, GCP, SSH, and other services. If a problematic version was installed in your CI environment, you'll also need to reissue any secrets stored there.
StepSecurity points out that if the distribution channels of popular libraries are exploited, authentication information can be stolen through an ordinary package installation. It also recommends that when judging the security of an npm package, one should check not only the publisher's reputation, but also the contents of the lock file, whether a suspicious version was released recently, and how permissions are managed in the CI/CD settings.
in Security, Posted by log1d_ts