On May 11, 2026, a self-replicating worm called Mini Shai-Hulud quietly slipped into 42 widely used TanStack open-source packages, corrupting 84 npm artifacts before anyone noticed. Within hours, the ...

A poisoned open-source dependency let attackers breach two OpenAI employee devices and steal credentials from a limited set of its internal source code repositories, OpenAI confirmed in a May 14, 2026 ...

On May 11, 2026, a massive supply chain attack shook the JavaScript ecosystem. Over 170 npm and PyPI packages, including TanStack, Mistral AI, and UiPath, were compromised, exposing developers with ...

UiPath is downgraded to Hold due to revenue growth and risks around business model transition and competitive threats. Read ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Any development environment that installed or imported one of the 172 compromised npm or PyPI packages published since May 11 should be treated as potentially compromised. On affected developer ...

On May 11, 2026, a self-propagating supply chain worm dubbed Mini Shai-Hulud (CVE-2026-45321, GHSA-g7cv-rxg3-hmpx) compromised the npm ecosystem. Attributed to TeamPCP (aka DeadCatx3, PCPcat, ...

For instance, you can run automation for individual devices or for entire organizations and dynamic groups. NinjaOne is more than just endpoint management software. It offers broad IT service ...