Attackers Hijack TanStack, OpenSearch, Mistral Official Pipelines, Push 84 Malicious Versions on May 12

According to Beating's monitoring, on May 12 at 3:20–3:26 UTC+8, attackers affiliated with TeamPCP hijacked the official release pipelines of TanStack, Amazon's OpenSearch, and Mistral, pushing 84 malicious package versions across npm and PyPI. Affected packages include @tanstack/react-router (10M+ weekly downloads), @opensearch-project/opensearch (1.3M weekly downloads), and Mistral's mistralai client. The malicious packages bypassed security trust mechanisms by exploiting GitHub Actions configuration flaws to obtain legitimate temporary publishing credentials, allowing them to acquire valid SLSA build provenance signatures.

Socket.dev's reverse analysis reveals the worm persists even after package removal by injecting code into Claude Code execution hooks (.claude/settings.json) and VS Code task configurations (.vscode/tasks.json). On Python packages, the malware activates silently upon import without requiring function calls. Affected machines should be treated as compromised; users must immediately rotate AWS, GitHub, npm, and SSH credentials and reinstall from clean lockfiles.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments