> TritonInfoSec News
Home / May 17, 2026 / Story
0
#5 SecurityWeek general May 15, 2026 at 10:37 UTC

OpenAI Hit by TanStack Supply Chain Attack

By Ionut Arghire

AI Summary

Two OpenAI employee devices were compromised via the 'Mini Shai-Hulud' supply chain attack targeting the TanStack open-source project, with credential material stolen from OpenAI code repositories. OpenAI stated no user data, production systems, or intellectual property were modified, and macOS updates were forced on affected devices. The attack is linked to threat group TeamPCP, which subsequently released the Shai-Hulud worm's source code publicly to encourage further supply chain exploitation.

Read full article → https://www.securityweek.com/openai-hit-by-tanstac…

Relevance score: 82.0/100

# More from May 17

  1. 1
    Microsoft warns of Exchange zero-day flaw exploited in attacks BleepingComputer
  2. 2
    Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 SecurityWeek
  3. 3
    Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access The Hacker News
  4. 4
    Popular node-ipc npm package compromised to steal credentials BleepingComputer
  5. 6
    Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own BleepingComputer
  6. 7
    Funnel Builder WordPress plugin bug exploited to steal credit cards BleepingComputer
  7. 8
    Avada Builder WordPress plugin flaws allow site credential theft BleepingComputer
  8. 9
    PoC Code Published for Critical NGINX Vulnerability SecurityWeek
  9. 10
    Microsoft backpedals: Edge to stop loading passwords into memory BleepingComputer