Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
Details
CVSS v3
9.6
NVD published
2026-05-12 01:16:46
Affected versions
84 malicious versions across 42 @tanstack/* packages, plus affected packages from Mistral AI and Guardrails AI, all published 2026-05-11 UTC
Summary
Attackers chained a GitHub Actions pull_request_target misconfiguration (that event runs with the base repository's secrets and write permissions, so a workflow that checks out and executes pull-request-controlled code hands those privileges to any outside contributor), cross-repository cache poisoning, and theft of the OIDC token that authorizes trusted publishing to npm, and used them to push credential-stealing malware to the public npm registry under the projects' own trusted publishing identity. Because the releases went out through the legitimate identity, the publisher shown in registry metadata does not distinguish them from genuine releases; the publish window is the reliable indicator. Any project that installs one of these versions has the credentials present on the installing host stolen and can be fully compromised. The affected packages are widely used JavaScript open source libraries.
Remediation
Immediately audit npm dependencies, including committed lockfiles, CI caches and built container images rather than package.json alone, for affected versions published between 19:20 and 19:26 UTC on 2026-05-11, and remove them. Roll back to versions published before that window and confirm them against a known-good lockfile. Pin all production dependencies with a committed lockfile and install with npm ci so the recorded integrity hashes are enforced. Treat any developer workstation, build host or CI runner that installed an affected version as compromised: rotate the npm, GitHub and cloud credentials that were present on it, and review those systems for unauthorized access.
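As an added example (not code from the advisory or from any affected project), the following Node script shows one way to run the audit step above offline: it walks the "packages" map of an npm lockfile (lockfileVersion 2 or 3), picks out packages under a watched scope, checks each installed version's publish time against the 19:20 to 19:26 UTC window, and proposes the latest pre-window release as a rollback candidate. The functions (auditLockfile, lastVersionBefore, packageNameFromPath) and the lockfile and publish-time data are assumptions constructed for the demo; the version numbers are invented and do not refer to real releases. Only the @tanstack/ scope is encoded because the advisory does not list the Mistral AI and Guardrails AI package names. In real use the publish times come from `npm view <name> time --json`, whose output has the same shape as the embedded data.

```javascript
// Added example, not code from the advisory or from any affected project.
// Audits an npm lockfile ("packages" map, lockfileVersion 2/3) for watched
// packages whose installed version was published inside the attack window,
// and proposes the latest pre-window version as a rollback candidate.
//
// Offline design: real publish times come from `npm view <name> time --json`
// (a { version: ISO-timestamp } map); everything below is constructed data.

const WINDOW_START = Date.parse("2026-05-11T19:20:00Z");
const WINDOW_END = Date.parse("2026-05-11T19:27:00Z"); // exclusive: covers through 19:26 UTC

// Scope named in the advisory. The Mistral AI and Guardrails AI package names
// are not on the page, so only @tanstack/* is encoded (assumption: extend as needed).
const WATCHED_PREFIXES = ["@tanstack/"];

// Constructed lockfile. Version numbers are invented, not real releases.
const SAMPLE_LOCKFILE = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@tanstack/react-query": { version: "99.0.1" },
    "node_modules/@tanstack/query-core": { version: "99.0.0" },
    "node_modules/@tanstack/react-table": { version: "98.0.0" },
    "node_modules/left-pad": { version: "1.3.0" },
    // Nested copy of query-core pinned to an older, pre-window release.
    "node_modules/legacy-widget/node_modules/@tanstack/query-core": { version: "98.5.0" },
  },
};

// Constructed publish-time data in the shape of `npm view <name> time --json`.
const SAMPLE_PUBLISH_TIMES = {
  "@tanstack/react-query": {
    created: "2020-01-01T00:00:00.000Z",
    modified: "2026-05-11T19:24:40.000Z",
    "98.5.0": "2026-04-30T10:00:00.000Z",
    "99.0.0": "2026-05-11T19:21:13.000Z", // inside window
    "99.0.1": "2026-05-11T19:24:40.000Z", // inside window
  },
  "@tanstack/query-core": {
    created: "2020-01-01T00:00:00.000Z",
    modified: "2026-05-11T19:22:05.000Z",
    "98.5.0": "2026-04-30T09:58:00.000Z",
    "99.0.0": "2026-05-11T19:22:05.000Z", // inside window
  },
  // No entry for @tanstack/react-table: the audit must report it as
  // undetermined rather than silently clearing it.
};

// The package name is everything after the last "node_modules/" segment;
// scoped names keep both segments ("@scope/name").
function packageNameFromPath(installPath) {
  const marker = "node_modules/";
  const idx = installPath.lastIndexOf(marker);
  if (idx === -1) return null; // the root project entry ""
  return installPath.slice(idx + marker.length);
}

function installedPackages(lockfile) {
  const out = [];
  for (const [installPath, entry] of Object.entries(lockfile.packages || {})) {
    const name = packageNameFromPath(installPath);
    if (name && entry.version) out.push({ name, version: entry.version, path: installPath });
  }
  return out;
}

function isWatched(name) {
  return WATCHED_PREFIXES.some((prefix) => name.startsWith(prefix));
}

function publishedInWindow(iso) {
  const t = Date.parse(iso);
  return t >= WINDOW_START && t < WINDOW_END;
}

// Latest version whose publish time precedes the cutoff: a rollback candidate
// that still has to be verified against a known-good lockfile before use.
function lastVersionBefore(times, cutoff) {
  let best = null;
  for (const [version, iso] of Object.entries(times)) {
    if (version === "created" || version === "modified") continue;
    const t = Date.parse(iso);
    if (t < cutoff && (best === null || t > best.t)) best = { version, t };
  }
  return best ? best.version : null;
}

function auditLockfile(lockfile, publishTimes) {
  const flagged = [];
  const undetermined = [];
  for (const pkg of installedPackages(lockfile)) {
    if (!isWatched(pkg.name)) continue;
    const times = publishTimes[pkg.name];
    if (!times || !times[pkg.version]) {
      undetermined.push(pkg); // no publish data for this version: cannot clear it
      continue;
    }
    if (publishedInWindow(times[pkg.version])) {
      flagged.push({ ...pkg, publishedAt: times[pkg.version], rollbackTo: lastVersionBefore(times, WINDOW_START) });
    }
  }
  return { flagged, undetermined };
}

const report = auditLockfile(SAMPLE_LOCKFILE, SAMPLE_PUBLISH_TIMES);
for (const f of report.flagged) {
  console.log(`FLAGGED ${f.path}: ${f.name}@${f.version} published ${f.publishedAt}; rollback candidate ${f.rollbackTo}`);
}
for (const u of report.undetermined) {
  console.log(`CHECK   ${u.path}: ${u.name}@${u.version} has no publish-time data`);
}
```

Two design points matter in practice: the audit keys on the install path rather than the package name, because a lockfile can hold several copies of one package at different versions (the nested legacy-widget copy here is clean while the top-level one is not), and a watched package with no publish-time data is reported as undetermined instead of being treated as safe, which is the failure mode you want to see when a `npm view` call fails or a package is missing from your data.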