Home / Security updates / May 2026 TanStack Mini Shai-Hulud Supply Chain Attack Assessment
May 2026 TanStack Mini Shai-Hulud Supply Chain Attack Assessment
Security updates detail rendered from /security-updates/upd_0e7462f876f0ef03.
Overview
| ID | upd_0e7462f876f0ef03 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Drata |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_0e7462f876f0ef03 |
| providerId | safebase |
| organizationId | org_9708d68ec58f1549 |
| trustCenterId | tc_e9eb1dc435842fd1 |
| title | May 2026 TanStack Mini Shai-Hulud Supply Chain Attack Assessment |
| message | On May 11, 2026, Drata became aware of the TanStack Mini Shai-Hulud supply chain attack security incident. Reputable threat intelligence sources have reported that this incident compromised 84 packages in the ***@tanstack/**** npm namespace, modifying affected versions to steal CI/CD credentials and exfiltrate data to attacker-controlled infrastructure. - Recommended reading: [TanStack npm Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack](https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack), Socket Research Team - Recommended reading: [TanStack npm Supply Chain Compromise Postmortem](https://tanstack.com/blog/npm-supply-chain-compromise-postmortem), TanStack We leverage TanStack packages within our product, but our pinned versions predate the affected range. We conducted a thorough investigation including cross-referencing our dependencies against the confirmed compromised package list, scanning our codebases and developer |
| url | - |
| publishedAt | 2026-05-12 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "incidents"
} |
| company | {
"id": "org_9708d68ec58f1549",
"name": "Drata",
"domains": [
"trust.drata.com",
"drata.com"
]
} |
| trust_center | {
"id": "tc_e9eb1dc435842fd1",
"name": "Drata",
"url": "https://trust.drata.com",
"host": "trust.drata.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_0e7462f876f0ef03",
"company": "/v1/companies/org_9708d68ec58f1549",
"trust_center": "/v1/trust-centers/tc_e9eb1dc435842fd1",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_0e7462f876f0ef03JSON