Open AI Hacked via TanStack Supply Chain Vulnerability

Anuj May 15, 2026
www.news4hackers.com-open-ai-hacked-via-tanstack-supply-chain-vulnerability-open-ai-hacked-via-tanstack-supply-chain-vulnerability
Post Views: 4

OpenAI Discloses Impact of TanStack Supply Chain Attack

In a recent disclosure, OpenAI revealed the extent of the TanStack supply chain attack that occurred on May 11.

The Breach:

The open-source web application development stack TanStack was compromised when the TeamPCP hacking group exploited vulnerabilities in the package publishing process, releasing 84 malicious artifacts across 42 packages.

  • Over 170 packages across several high-profile NPM and PyPI namespaces were compromised, including those used by OpenAI.
  • Two employee devices at OpenAI were infected with the Shai-Hulud worm, allowing the attackers to exfiltrate credentials and other sensitive information from internal source code repositories.

However, OpenAI emphasized that only limited credential material was successfully stolen, and no customer data or intellectual property was impacted.

Response:

The company took swift action to mitigate the breach:

  • Rotating credentials across all affected repositories.
  • Revoking user sessions.
  • Temporarily restricting code-deployment workflows.

Additionally, OpenAI decided to revoke code-signing certificates for iOS, macOS, Windows, and Android products and resign all affected applications.

According to OpenAI, “Users running macOS will need to update their applications by June 12, 2026, to ensure continued functionality.”

OpenAI is working closely with platform providers to prevent further notarizations and has reviewed all notarizations of software using its previous certificates to confirm no unauthorized modifications have occurred.

More Stories

www.news4hackers.com-microsoft-exchange-server-vulnerability-exploited-cve-2026-42897-patch-needed-microsoft-exchange-server-vulnerability-exploited-cve-2026-42897-patch-needed

Microsoft Exchange Server Vulnerability Exploited: CVE-2026-42897 Patch Needed

Anuj May 15, 2026
www.news4hackers.com-thieves-use-cheap-tools-from-telegram-to-unlock-stolen-iphones-thieves-use-cheap-tools-from-telegram-to-unlock-stolen-iphones

Thieves Use Cheap Tools from Telegram to Unlock Stolen iPhones

Anuj May 15, 2026
www.news4hackers.com-rocky-linux-introduces-new-security-repository-with-urgent-fixes-rocky-linux-introduces-new-security-repository-with-urgent-fixes

Rocky Linux Introduces New Security Repository with Urgent Fixes

Anuj May 15, 2026

Latest Cyber Security News

www.news4hackers.com-supreme-court-mandates-stringent-anti-scheme-regulations-for-banks-supreme-court-mandates-stringent-anti-scheme-regulations-for-banks

Supreme Court Mandates Stringent Anti-Scheme Regulations for Banks

Anuj May 15, 2026
www.news4hackers.com-american-lending-center-data-breach-exposes-123-000-individuals-information-american-lending-center-data-breach-exposes-123-000-individuals-information

American Lending Center Data Breach Exposes 123,000 Individuals’ Information

Anuj May 15, 2026
www.news4hackers.com-microsoft-exchange-server-vulnerability-exploited-cve-2026-42897-patch-needed-microsoft-exchange-server-vulnerability-exploited-cve-2026-42897-patch-needed

Microsoft Exchange Server Vulnerability Exploited: CVE-2026-42897 Patch Needed

Anuj May 15, 2026
www.news4hackers.com-thieves-use-cheap-tools-from-telegram-to-unlock-stolen-iphones-thieves-use-cheap-tools-from-telegram-to-unlock-stolen-iphones

Thieves Use Cheap Tools from Telegram to Unlock Stolen iPhones

Anuj May 15, 2026
www.news4hackers.com-open-ai-hacked-via-tanstack-supply-chain-vulnerability-open-ai-hacked-via-tanstack-supply-chain-vulnerability

Open AI Hacked via TanStack Supply Chain Vulnerability

Anuj May 15, 2026
en_USEnglish
en_USEnglish