{"id":60662,"date":"2026-05-15T10:08:07","date_gmt":"2026-05-15T10:08:07","guid":{"rendered":"https:\/\/www.theregister.com\/a\/5241019"},"modified":"2026-05-15T10:08:07","modified_gmt":"2026-05-15T10:08:07","slug":"openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/","title":{"rendered":"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/image.theregister.com\/5241038.jpg?imageId=5241038&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683\" class=\"ff-og-image-inserted\"><\/div>\n<div data-element-guid=\"d11159dd-82a3-4c53-901c-d41dec75505c\" readability=\"32.815331010453\">\n<p class=\"kicker \">Security<\/p>\n<p class=\"subtitle \">Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines<\/p>\n<\/p><\/div>\n<div data-element-guid=\"4c9dc5d9-c886-4348-bf4a-01d0dc71377d\" readability=\"79.330188679245\">\n<p>OpenAI says attackers behind the TanStack npm supply chain compromise stole internal credentials after reaching two employee devices, forcing the company to rotate signing certificates for several desktop products.<\/p>\n<p>The company <a href=\"https:\/\/openai.com\/index\/our-response-to-the-tanstack-npm-supply-chain-attack\/\">disclosed<\/a>&nbsp;this week that it had been caught up in the wider &#8220;Mini Shai-Hulud&#8221; campaign targeting npm ecosystems and developer infrastructure, though it said there was no evidence that customer data, production systems, or deployed software were compromised.<\/p>\n<p>OpenAI said the incident happened during a phased rollout of new supply chain security controls introduced after a previous <a href=\"https:\/\/openai.com\/index\/axios-developer-tool-compromise\/\">Axios-related incident<\/a>. According to the company, the two compromised employee devices had not yet received updated package management protections that would have blocked the malicious dependency.<\/p>\n<p>The attackers carried out &#8220;credential-focused exfiltration activity&#8221; against a limited set of internal repositories reachable from the affected employee machines, according to OpenAI. It said &#8220;only limited credential material was successfully exfiltrated from these code repositories.&#8221;<\/p>\n<p>That was apparently enough to trigger a precautionary reset across multiple products. OpenAI is rotating the certificates used to sign macOS versions of ChatGPT Desktop, Codex App, Codex CLI, and Atlas, and is requiring users to update the affected software by June 12.<\/p>\n<p>The incident ties OpenAI to the increasingly messy supply chain campaign that has spent the past several weeks worming through npm ecosystems, CI\/CD infrastructure, and GitHub Actions workflows. Security firm <a href=\"https:\/\/www.theregister.com\/cyber-crime\/2026\/05\/12\/cache-poisoning-caper-turns-tanstack-npm-packages-toxic\/5238650\">Socket linked the TanStack compromise<\/a> to the <a href=\"https:\/\/www.theregister.com\/security\/2026\/05\/01\/ongoing-supply-chain-attacks-worm-into-sap-npm-packages\/5228837\">broader &#8220;Mini Shai-Hulud&#8221; operation<\/a>, which abused poisoned automation workflows and stolen publishing credentials to push malicious package updates into trusted software pipelines.<\/p>\n<div data-element-guid=\"afe083ca-6701-48e9-9bd8-f8827dd7fb42\" class=\"lab4 column articleList layout_vertical imageLayout_left small-12 large-12 small-abs-12 large-abs-12 abs_grid_12 grid-vas-start mobile-grid-vas-start\">\n<div class=\"content border_width_0 border_width_mobile_0 border-radius-48 border-radius-mobile_48\">\n<h2 class=\"article-list-title t19 font-RobotoCondensed\">MORE CONTEXT<\/h2>\n<\/p><\/div>\n<\/div>\n<p>Researchers tracking the wider Mini Shai-Hulud campaign have connected the activity to a threat group known as TeamPCP, which appears to have developed an unhealthy interest in poisoning npm ecosystems and rifling through developer credentials.<\/p>\n<p>TanStack<a href=\"https:\/\/socket.dev\/blog\/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack\"> confirmed this week<\/a> that 84 malicious package versions spanning 42 @tanstack\/* packages had been published after attackers compromised parts of its release infrastructure. The poisoned packages were designed largely to steal credentials, including GitHub tokens, cloud secrets, npm credentials, and CI\/CD authentication material.<\/p>\n<p>The campaign appears <a href=\"https:\/\/www.aikido.dev\/blog\/mini-shai-hulud-is-back-tanstack-compromised\">linked<\/a> to earlier Mini Shai-Hulud attacks involving SAP-related npm packages, suggesting the same credential-stealing operation is spreading across multiple developer ecosystems.<\/p>\n<p>OpenAI said it is continuing to investigate the incident and monitor for any downstream abuse tied to the stolen credentials.<\/p>\n<p>The reassuring news is that OpenAI says no production systems were breached. The less reassuring news is that attackers keep getting deeper into the software assembly line before anybody notices.&nbsp;\u00ae<\/p>\n<\/p><\/div>\n<p><img decoding=\"async\" src=\"https:\/\/image.theregister.com\/?imageId=5241038&#038;width=800\">READ MORE <a href=\"https:\/\/www.theregister.com\/security\/2026\/05\/15\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/5241019\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":60663,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[307],"class_list":["post-60662","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>OpenAI caught in TanStack npm supply chain chaos after employee devices compromised 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-15T10:08:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/image.theregister.com\/5241038.jpg?imageId=5241038&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised\",\"datePublished\":\"2026-05-15T10:08:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/\"},\"wordCount\":443,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised.jpg\",\"keywords\":[\"Security\"],\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/\",\"name\":\"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised.jpg\",\"datePublished\":\"2026-05-15T10:08:07+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised.jpg\",\"width\":100,\"height\":59},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/","og_locale":"en_US","og_type":"article","og_title":"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2026-05-15T10:08:07+00:00","og_image":[{"url":"https:\/\/image.theregister.com\/5241038.jpg?imageId=5241038&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised","datePublished":"2026-05-15T10:08:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/"},"wordCount":443,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/05\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised.jpg","keywords":["Security"],"articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/","url":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/","name":"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/05\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised.jpg","datePublished":"2026-05-15T10:08:07+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/05\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/05\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised.jpg","width":100,"height":59},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/openai-caught-in-tanstack-npm-supply-chain-chaos-after-employee-devices-compromised\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.threatshub.org\/blog\/tag\/security\/"},{"@type":"ListItem","position":3,"name":"OpenAI caught in TanStack npm supply chain chaos after employee devices compromised"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60662","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=60662"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60662\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/60663"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=60662"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=60662"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=60662"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}