TanStack weighs invitation-only pull requests after supply chain attack


Shai-Hulud worm exploited GitHub Actions misconfiguration to poison shared cache, now project weighing nuclear option on unsolicited contributions

Read this on The Register

Related news:

OpenAI caught in TanStack npm supply chain chaos after employee devices compromised

OpenAI confirms security breach in TanStack supply chain attack

Compromised Mistral and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud' malware infection — supply-chain campaign spreads across npm developer ecosystems like wildfire