TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
A new Shai-Hulud variant has infected multiple npm repositories and jumped to other widely used JavaScript and Python ...