#supply-chain

TanStack npm supply-chain compromise revealed

TanStack's postmortem analysis details the npm supply-chain compromise, caused by a vulnerable dependency in one of its packages [TanStack Blog]. The incident led to malicious code injection, affecting users.