[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f765gwG2aoGcZNH6_kw2qRHhqveDmaX8fbGyi1odmhEk":3},{"article":4,"iocs":50},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":30,"category":31,"article_tags":34},"191d31c6-4454-41b8-bd0f-ba153839188d","Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain","worm-redux-fresh-mini-shai-hulud-infections-bite-supply-chain-c1107c","Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem.","A self-propagating worm attributed to TeamPCP has infected hundreds of npm packages related to the TanStack open source ecosystem. The worm, known as Mini Shai-Hulud, steals credentials and propagates itself across the supply chain. This represents a significant threat to developers and organizations depending on TanStack libraries.","Hundreds of npm packages infected by self-propagating worm targeting TanStack ecosystem.",null,"https:\u002F\u002Fwww.darkreading.com\u002Fapplication-security\u002Fworm-redux-fresh-mini-shai-hulud-infections-bite-supply-chain","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fblt98af205e9fd3397b\u002F6a030d8e8affd2e99d18dd19\u002Fsandworms_FlixPix_Alamy.png?width=1280&auto=webp&quality=80&disable=upscale","2026-05-12T11:07:43+00:00","2026-05-12T18:00:23.16122+00:00",9,[18,21,24,27],{"name":19,"type":20},"TeamPCP","threat_actor",{"name":22,"type":23},"npm","technology",{"name":25,"type":26},"TanStack ecosystem compromise","campaign",{"name":28,"type":29},"TanStack","product","26b0b636-0e31-4db1-bffb-61bdf9f20a58",{"id":30,"icon":11,"name":32,"slug":33},"Supply Chain","supply-chain",[35,40,45],{"category":36},{"id":37,"icon":11,"name":38,"slug":39},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":41},{"id":42,"icon":11,"name":43,"slug":44},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":46},{"id":47,"icon":11,"name":48,"slug":49},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[51],{"type":39,"value":52,"context":53},"Mini Shai-Hulud","Self-propagating worm stealing credentials in npm packages"]