Health systems have no shortage of successful AI pilots. Ambient documentation, revenue cycle automation, clinical decision support — individual use cases have delivered real results in individual ...

The first half of this year has been marked by a series of attacks on supply chains in the npm and PyPi ecosystems—and the culprit is TeamPCP, which stepped up the attacks as the months rolled on. But ...

To continue reading this content, please enable JavaScript in your browser settings and refresh this page. Preview this article 1 min Somasegar spent the past decade ...

On May 11, 2026, a self-replicating worm called Mini Shai-Hulud quietly slipped into 42 widely used TanStack open-source packages, corrupting 84 npm artifacts before anyone noticed. Within hours, the ...

OpenAI has said it found no evidence that user data was accessed following a security issue linked to a supply-chain attack involving the open-source TanStack npm library. The company said in a ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...

The post Mini Shai-Hulud Is Back: 172 npm and PyPI Packages Compromised in Latest Wave appeared first on Mend. This is a continuation of the original Shai-Hulud campaign that first targeted SAP CAP ...

Over 170 packages across multiple high-profile NPM and PyPI projects were compromised in a new, coordinated Mini Shai-Hulud software supply chain attack. The campaign hit 42 TanStack packages, 65 ...

TeamPCP, the threat actor behind the recentsupply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as ...