TanStack npm Packages Compromised in Ongoing Mini Shai-Hulud...
Socket's Threat Research team discovered 84 compromised npm package artifacts in the TanStack namespace, all modified to include a sophisticated credential-stealing worm. The malicious payload (router_init.js, ~2.3 MB, heavily obfuscated) targets GitHub Actions OIDC tokens, AWS credentials (including IMDSv2), HashiCorp Vault, and Kubernetes service accounts. The worm also self-propagates by republishing itself to npm under stolen maintainer identities, and it persists on developer machines by injecting into Claude Code hooks (.claude/) and VS Code task runners (.vscode/tasks.json). The attack bypassed 2FA by exploiting an orphaned GitHub commit to access OIDC tokens. Affected packages include @tanstack/react-router (12M+ weekly downloads). Recommended actions include rotating all secrets, revoking OIDC federation grants, auditing .claude/ and .vscode/ directories, blocking egress to filev2.getsession[.]org, and verifying package lock integrity.
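The audit steps recommended above (checking .claude/ and .vscode/ for injected run-on-open entries, and verifying lockfile integrity) can be scripted. The following is an added example written for this page, not Socket's tooling and not code from the TanStack project. It assumes three file layouts that are not described on the page: a VS Code task with runOptions.runOn set to "folderOpen" executes when the workspace opens; Claude Code hook commands live under a top-level "hooks" key in .claude/settings.json; and package-lock.json (lockfileVersion 2 or 3) carries a "packages" map whose entries have "resolved" and "integrity" fields. The fixture it builds is constructed sample data.

```python
"""Audit a checkout for run-on-open task hooks and weak lockfile entries.

Added example (not the page's or the project's code). Assumed layouts:
  .vscode/tasks.json     -> tasks with runOptions.runOn == "folderOpen" auto-run
  .claude/settings.json  -> "hooks": {event: [{"hooks": [{"type": "command", ...}]}]}
  package-lock.json      -> "packages": {"node_modules/<name>": {"resolved", "integrity"}}
"""
from __future__ import annotations

import json
import tempfile
from pathlib import Path

# Hosts a lockfile entry may legitimately resolve from (assumption: npm public registry only).
TRUSTED_REGISTRY_HOSTS = ("https://registry.npmjs.org/",)


def audit_vscode_tasks(repo: Path) -> list[str]:
    """Flag VS Code tasks that execute automatically when the folder is opened."""
    path = repo / ".vscode" / "tasks.json"
    if not path.is_file():
        return []
    findings = []
    for task in json.loads(path.read_text()).get("tasks", []):
        run_on = (task.get("runOptions") or {}).get("runOn")
        if run_on == "folderOpen":
            findings.append(
                f"vscode: task {task.get('label')!r} auto-runs on folder open: "
                f"{task.get('command')!r}"
            )
    return findings


def audit_claude_hooks(repo: Path) -> list[str]:
    """List every shell command registered as a Claude Code hook (assumed layout)."""
    path = repo / ".claude" / "settings.json"
    if not path.is_file():
        return []
    findings = []
    for event, entries in json.loads(path.read_text()).get("hooks", {}).items():
        for entry in entries:
            for hook in entry.get("hooks", []):
                if hook.get("type") == "command":
                    findings.append(f"claude: {event} hook runs command: {hook.get('command')!r}")
    return findings


def audit_lockfile(repo: Path) -> list[str]:
    """Flag lockfile entries with no integrity hash or resolved from an untrusted host."""
    path = repo / "package-lock.json"
    if not path.is_file():
        return []
    findings = []
    for key, meta in json.loads(path.read_text()).get("packages", {}).items():
        if key == "":  # the root project entry carries no resolved/integrity fields
            continue
        name = key.rsplit("node_modules/", 1)[-1]
        if "integrity" not in meta:
            findings.append(f"lock: {name} has no integrity hash")
        resolved = meta.get("resolved", "")
        if resolved and not resolved.startswith(TRUSTED_REGISTRY_HOSTS):
            findings.append(f"lock: {name} resolves outside the trusted registry: {resolved}")
    return findings


def audit_repo(repo: Path) -> list[str]:
    return audit_vscode_tasks(repo) + audit_claude_hooks(repo) + audit_lockfile(repo)


def build_sample_repo() -> Path:
    """Constructed fixture: a benign task, an auto-run task, one hook, two weak lock entries."""
    root = Path(tempfile.mkdtemp())
    (root / ".vscode").mkdir()
    (root / ".vscode" / "tasks.json").write_text(json.dumps({
        "version": "2.0.0",
        "tasks": [
            {"label": "build", "type": "shell", "command": "npm run build"},
            {"label": "init", "type": "shell", "command": "node router_init.js",
             "runOptions": {"runOn": "folderOpen"}},
        ],
    }))
    (root / ".claude").mkdir()
    (root / ".claude" / "settings.json").write_text(json.dumps({
        "hooks": {"PostToolUse": [{"matcher": "Edit", "hooks": [
            {"type": "command", "command": "node .claude/sync.js"}]}]},
    }))
    (root / "package-lock.json").write_text(json.dumps({
        "lockfileVersion": 3,
        "packages": {
            "": {"name": "sample-app"},
            "node_modules/good-dep": {"version": "1.0.0",
                                      "resolved": "https://registry.npmjs.org/good-dep/-/good-dep-1.0.0.tgz",
                                      "integrity": "sha512-CONSTRUCTEDPLACEHOLDER"},
            "node_modules/no-hash-dep": {"version": "1.0.0",
                                         "resolved": "https://registry.npmjs.org/no-hash-dep/-/no-hash-dep-1.0.0.tgz"},
            "node_modules/offsite-dep": {"version": "1.0.0",
                                         "resolved": "https://example.invalid/offsite-dep-1.0.0.tgz",
                                         "integrity": "sha512-CONSTRUCTEDPLACEHOLDER"},
        },
    }))
    return root


if __name__ == "__main__":
    for line in audit_repo(build_sample_repo()):
        print(line)
```

Run it against a real checkout by passing the repository root to audit_repo; every finding is something a reviewer should be able to explain, and a hook or run-on-open task nobody on the team recognises is the signal the post's remediation guidance is asking you to look for.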
Table of contents
Affected Packages
Additional Affected Packages
Technical Analysis
Attack Chain Analysis
Stage 2 — npm Worm Propagation
Stage 3 — Repository Poisoning via GitHub GraphQL
Exfiltration via Session P2P Network
Indicators of Compromise (IOCs)