Home / Security updates / Security Advisory: Supply Chain Attack Affecting npm and PyPl Packages
Security Advisory: Supply Chain Attack Affecting npm and PyPl Packages
Security updates detail rendered from /security-updates/upd_1969984e4d4bf339.
Overview
| ID | upd_1969984e4d4bf339 |
| Collection | Security Updates |
| Provider | Wolfia |
| Company | ThoughtSpot |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_1969984e4d4bf339 |
| providerId | wolfia |
| organizationId | org_6e887cbb556eaa03 |
| trustCenterId | tc_d5faf9e1a34af7b3 |
| title | Security Advisory: Supply Chain Attack Affecting npm and PyPl Packages |
| message | *Update May 13, 2026 8:30 p.m. UTC: ThoughtSpot completed its investigation and has not found any impact to ThoughtSpot products and services.* *Update May 13, 2026 4:00 a.m. UTC: ThoughtSpot is still actively investigating if there is any impact of the supply chain attack on ThoughtSpot products and services.* We are aware of the supply chain attack affecting npm and PyPl packages ([<u>May 11, 2026</u>](https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised)) in which several open source packages were compromised as part of a coordinated supply chain campaign. **Status: ThoughtSpot Cloud platform and products are not affected.** We have completed our investigation into the npm and PyPI supply chain attack. After a thorough review of our systems and dependencies, we have found no evidence of exposure or compromise. We will continue to monitor the situation as it develops. |
| url | - |
| publishedAt | 2026-05-12 |
| source | {
"field": "swrFallback./trustportal/public/updates?limit=25"
} |
| company | {
"id": "org_6e887cbb556eaa03",
"name": "ThoughtSpot",
"domains": [
"security.thoughtspot.com"
]
} |
| trust_center | {
"id": "tc_d5faf9e1a34af7b3",
"name": "ThoughtSpot",
"url": "https://security.thoughtspot.com",
"host": "security.thoughtspot.com"
} |
| provider | {
"id": "wolfia",
"name": "Wolfia"
} |
| links | {
"self": "/v1/security-updates/upd_1969984e4d4bf339",
"company": "/v1/companies/org_6e887cbb556eaa03",
"trust_center": "/v1/trust-centers/tc_d5faf9e1a34af7b3",
"provider": "/v1/providers/wolfia"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_1969984e4d4bf339JSON