Shai-Hulud Strikes TanStack: A Supply Chain Attack Targeting Millions of React Developers
On May 11, 2026, the Shai-Hulud self-propagating npm worm compromised 5 official @tanstack packages, publishing 10 malicious versions within six minutes. The injected 2.3 MB obfuscated payload steals GitHub tokens, npm tokens, and CI/CD secrets. The worm propagates by using stolen CI/CD tokens to compromise additional packages, making it a cascading threat across the npm ecosystem. StepSecurity's OSS Package Security Feed detected and confirmed the attack as a live incident. Notably, even packages with SLSA provenance and OIDC-based publishing were not immune, as the worm exploits the legitimate build process itself.