TanStack Attack: Malicious Code Distributed via Compromised npm Packages4. July 2026Cybersecurity, NIS2Attackers used a stolen OIDC token to distribute counterfeit TanStack packages on npm, enabling the exfiltration of cloud credentials and authentication tokens. Share on: