TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

📅 12 May 2026 at 10:10 UTC📰 Security WeekView original source ↗

Over 400 malicious versions of 170 packages were published as part of the new Mini Shai-Hulud campaign. The post TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack appeared first on SecurityWeek.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

A fresh supply chain attack targeted TanStack, Mistral AI, and UiPath, compromising over 400 malicious versions of 170 packages published as part of the Mini Shai-Hulud campaign.

⚙️Technical Details

Affected Systems

TanStackMistral AIUiPathAttack Vectors: Supply chain attack via compromised package publications

Attack Vectors

Supply chain attack via compromised package publications

💥Impact Assessment

Severity: critical

Who Is at Risk

Developers and organizations using TanStack, Mistral AI, or UiPath

🛡️Recommended Actions

1Monitor package publications for suspicious activity

2Verify dependencies and update software to the latest versions

3Implement strict access controls for development environments

📦Affected Products

TanStack packagesMistral AI packagesUiPath packages

Read the full article

This is a curated summary. The complete article is available at Security Week.

Read on Security Week ↗

← Back to feed