
TanStack shipped a postmortem for the 42-package npm compromise. Here is what every project should change this week.

Relevance: 8
Score Breakdown
  • technical depth: 7
  • novelty: 8
  • actionability: 9
  • community: 8
  • strategic: 8
  • personal: 9

Scored daily by a customisable AI persona to surface the most relevant engineering leadership news.

TanStack npm compromise postmortem with immediate actionable changes, highly relevant to open source security.

2026-05-29 General dev.to
Summary

The TanStack postmortem describes a supply-chain attack in which the attacker chained a Pwn Request (a pull_request_target workflow that ran untrusted pull-request code with the repository's secrets) with pnpm cache poisoning to publish 84 malicious versions of 42 @tanstack packages, every one of them carrying valid SLSA provenance. The external researcher ashishkurmi detected the publication within six minutes; the payload nevertheless self-propagated to 170+ packages, exfiltrating credentials over the Session P2P network, and the postmortem attributes the campaign to the threat group TeamPCP. The incident shows that SLSA provenance attests only that a package came out of a given build pipeline, not that the pipeline was trustworthy: a compromised pipeline signs malicious output just as faithfully as clean output. The postmortem closes with a concrete checklist: audit workflow triggers, pin and isolate cache keys, and verify where the provenance trust boundaries actually lie.

Key Takeaways
  • Audit all pull_request_target workflow triggers and enforce strict, isolated cache keys to prevent cross-boundary cache poisoning in your CI pipelines.
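The two checks in that takeaway can be scripted. The audit below is an added example, not code from the TanStack postmortem or from any TanStack repository: it scans GitHub Actions workflow text for a pull_request_target trigger combined with a checkout of the pull-request head (the Pwn Request shape), and for actions/cache keys that carry no trust-boundary marker or that fall back through restore-keys. The two sample workflows are constructed for the demonstration, the scan is line-based rather than a full YAML parse, and the choice of `github.event_name` as the marker that separates untrusted PR caches from release caches is an assumption about policy, not something the postmortem prescribes.

```python
"""Heuristic audit for two CI weaknesses: Pwn Request triggers and shared cache keys.

Added example; the workflows below are constructed, not TanStack's real CI.
"""
import re

# Constructed sample: untrusted PR code runs with base-repo secrets and shares
# the same cache key (plus a prefix fallback) with the release job.
WEAK_WORKFLOW = """\
name: ci
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # runs the contributor's code with base-repo secrets: a "Pwn Request"
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/cache@v4
        with:
          path: ~/.local/share/pnpm/store
          # same key the release job uses, so a PR run can poison it
          key: pnpm-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
          restore-keys: pnpm-${{ runner.os }}-
      - run: pnpm install --frozen-lockfile
"""

# Constructed sample: plain pull_request trigger (no secrets for forks) and a
# cache key that includes the event name, so PR caches never match release keys.
HARDENED_WORKFLOW = """\
name: ci
on:
  pull_request:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4   # default ref, no secrets for fork PRs
      - uses: actions/cache@v4
        with:
          path: ~/.local/share/pnpm/store
          # event name in the key separates untrusted PR caches from release caches;
          # no restore-keys, so there is no prefix fallback across that boundary
          key: pnpm-${{ github.event_name }}-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
      - run: pnpm install --frozen-lockfile
"""

# Block-style "pull_request_target:" or flow-style "on: [push, pull_request_target]".
PRT_TRIGGER = re.compile(r"^\s*pull_request_target\s*:|^\s*on:\s*\[[^\]]*\bpull_request_target\b")
PR_HEAD_REF = re.compile(r"github\.event\.pull_request\.head\.(?:sha|ref)")
CACHE_ACTION = re.compile(r"uses:\s*actions/cache@")
CACHE_KEY = re.compile(r"^\s*key:\s*(\S.*)$")
RESTORE_KEYS = re.compile(r"^\s*restore-keys:")
# Assumed policy: a key must embed the event name so trust levels never share a cache.
BOUNDARY_MARKERS = ("github.event_name",)


def audit_workflow(text: str) -> list[str]:
    """Return finding strings for one workflow file; an empty list means both checks passed."""
    lines = [ln for ln in text.splitlines() if not ln.lstrip().startswith("#")]
    findings: list[str] = []

    # Check 1: pull_request_target plus checkout of the PR head = attacker code with secrets.
    if any(PRT_TRIGGER.search(ln) for ln in lines) and any(PR_HEAD_REF.search(ln) for ln in lines):
        findings.append("pwn-request: pull_request_target workflow checks out the PR head")

    # Check 2: cache keys must be isolated per trust boundary and have no prefix fallback.
    if any(CACHE_ACTION.search(ln) for ln in lines):
        for ln in lines:
            m = CACHE_KEY.match(ln)
            if m and not any(tok in m.group(1) for tok in BOUNDARY_MARKERS):
                findings.append(f"cache: key {m.group(1)!r} carries no trust-boundary marker")
        if any(RESTORE_KEYS.match(ln) for ln in lines):
            findings.append("cache: restore-keys allows prefix fallback across trust boundaries")
    return findings


def audit_all(workflows: dict[str, str]) -> dict[str, list[str]]:
    """Audit a mapping of workflow name -> workflow text."""
    return {name: audit_workflow(text) for name, text in workflows.items()}


if __name__ == "__main__":
    for name, found in audit_all({"weak": WEAK_WORKFLOW, "hardened": HARDENED_WORKFLOW}).items():
        print(f"{name}: {found or 'ok'}")
```

Run it against `.github/workflows/*.yml` by feeding each file's text to `audit_workflow`. The first check is exact enough to block on; the cache check is a policy heuristic, so treat a hit as a prompt to confirm that release and publish jobs can never restore a cache written by a pull-request run.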
Why it matters

For platform engineers and open-source maintainers, this shows a critical gap in supply chain security: compromised build pipelines can produce signed packages, undermining SLSA-based trust models and requiring changes to CI/CD patterns.

Author

GDS K S
