THREATNOIR
Subscribe
Back to Feed
Supply ChainMay 12, 2026

Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain

Hundreds of npm packages infected by self-propagating worm targeting TanStack ecosystem.

Read at source

Summary

A self-propagating worm attributed to TeamPCP has infected hundreds of npm packages related to the TanStack open source ecosystem. The worm, known as Mini Shai-Hulud, steals credentials and propagates itself across the supply chain. This represents a significant threat to developers and organizations depending on TanStack libraries.

Indicators of Compromise

  • malware — Mini Shai-Hulud

Entities

TeamPCP (threat_actor)npm (technology)TanStack ecosystem compromise (campaign)TanStack (product)