TeamPCP Mini Shai-Hulud npm supply chain SLSA attestation bypass
cve · CVE-2026-45321
Coverage timeline: 0 (first 2026-05-22 → last 2026-05-22; no data)
Briefs: 0 (0 distinct)
Sources cited: 36 (23 hosts)
Sections touched: 0
Co-occurring entities: 0 (no co-occurrence)
Story timeline
No recorded appearances.
Source distribution
- nvd.nist.gov: 5 (14%)
- thehackernews.com: 4 (11%)
- attack.mitre.org: 2 (6%)
- helpnetsecurity.com: 2 (6%)
- isc.sans.edu: 2 (6%)
- securityweek.com: 2 (6%)
- therecord.media: 2 (6%)
- wiz.io: 2 (6%)
- other: 15 (42%)
External references
All cited sources (36)
- unit42.paloaltonetworks.com (primary, inline): Unit 42, 2026-05-21. https://unit42.paloaltonetworks.com/monitoring-npm-supply-chain-attacks/
- attack.mitre.org (inline): T1195.002 Compromise Software Supply Chain. https://attack.mitre.org/techniques/T1195/002/
- attack.mitre.org (inline): T1552.001 Credentials In Files. https://attack.mitre.org/techniques/T1552/001/
- bleepingcomputer.com (inline): BleepingComputer, 2026-05-20. https://www.bleepingcomputer.com/news/security/grafana-breach-caused-by-missed-token-rotation-after-tanstack-attack/
- checkmarx.com (inline): Checkmarx, 2026-05-12. https://checkmarx.com/blog/ongoing-security-updates/
- grafana.com (inline): Grafana Labs, 2026-05-19. https://grafana.com/blog/grafana-labs-security-update-latest-on-tanstack-npm-supply-chain-ransomware-incident/
- helpnetsecurity.com (inline): Help Net Security, 2026-05-14. https://www.helpnetsecurity.com/2026/05/14/sophos-2026-identity-breach-costs-report/
- helpnetsecurity.com (inline): Help Net Security, 2026-05-20. https://www.helpnetsecurity.com/2026/05/20/github-breached-teampcp/
- infosecurity-magazine.com (inline): Infosecurity Magazine, 2026-05-20. https://www.infosecurity-magazine.com/news/github-confirms-breach-vs-code/
- isc.sans.edu (inline): SANS ISC Diary, 2026-05-04. https://isc.sans.edu/diary/TeamPCP+Weekly+Analysis+2026W18+20260427+through+20260503/32950/
- isc.sans.edu (inline): SANS Internet Storm Center, 2026-05-18. https://isc.sans.edu/diary/rss/32994
- nvd.nist.gov (inline): CVE-2025-29927. https://nvd.nist.gov/vuln/detail/CVE-2025-29927
- nvd.nist.gov (inline): CVE-2025-48703. https://nvd.nist.gov/vuln/detail/CVE-2025-48703
- nvd.nist.gov (inline): CVE-2025-55182. https://nvd.nist.gov/vuln/detail/CVE-2025-55182
- nvd.nist.gov (inline): CVE-2025-9501. https://nvd.nist.gov/vuln/detail/CVE-2025-9501
- nvd.nist.gov (inline): CVE-2026-1357. https://nvd.nist.gov/vuln/detail/CVE-2026-1357
- ox.security (inline): OX Security, 2026-05-17. https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/
- research.checkpoint.com (inline): Check Point Research, 2026-05-04. https://research.checkpoint.com/2026/4th-may-threat-intelligence-report/
- security-hub.ncsc.admin.ch (inline): NCSC-CH Security Hub #12558, 2026-05-12. https://security-hub.ncsc.admin.ch/#/posts/12558
- securitylabs.datadoghq.com (inline): Datadog Security Labs. https://securitylabs.datadoghq.com/articles/shai-hulud-open-source-framework-static-analysis/
- securityweek.com (inline): SecurityWeek, 2026-05-11. https://www.securityweek.com/checkmarx-jenkins-ast-plugin-compromised-in-supply-chain-attack/
- securityweek.com (inline): SecurityWeek, 2026-05-08. https://www.securityweek.com/pcpjack-worm-removes-teampcp-infections-steals-credentials/
- sentinelone.com (inline): SentinelLabs. https://www.sentinelone.com/labs/cloud-worm-evicts-teampcp-and-steals-credentials-at-scale/
- socket.dev (inline): Socket.dev. https://socket.dev/blog/mini-shai-hulud-packagist-malicious-intercom-php-package-compromise
- sophos.com (inline): Sophos X-Ops. https://www.sophos.com/en-us/blog/-mini-shai-hulud-supply-chain-attack-targets-sap-npm-packages
- stepsecurity.io (inline): StepSecurity, 2026-05-21. https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
- tanstack.com (inline): TanStack post-mortem, 2026-05-12. https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
- techcrunch.com (inline): TechCrunch, 2026-05-14. https://techcrunch.com/2026/05/14/openai-says-hackers-stole-some-data-after-latest-code-security-issue/
- thehackernews.com (inline): The Hacker News, 2026-05-18. https://thehackernews.com/2026/05/four-malicious-npm-packages-deliver.html
- thehackernews.com (inline): The Hacker News, 2026-05-20. https://thehackernews.com/2026/05/github-investigating-teampcp-claimed.html
- thehackernews.com (inline): The Hacker News, 2026-05-07. https://thehackernews.com/2026/05/pcpjack-credential-stealer-exploits-5.html
- thehackernews.com (inline): The Hacker News, 2026-05-11. https://thehackernews.com/2026/05/teampcp-compromises-checkmarx-jenkins.html
- therecord.media (inline): The Record, 2026-05-20. https://therecord.media/github-confirms-teampcp-hack-customers-unaffected
- therecord.media (inline): The Record, 2026-05-14. https://therecord.media/openai-asks-macos-users-to-update-tanstack-npm
- wiz.io (inline): Wiz, 2026-05-20. https://www.wiz.io/blog/durabletask-teampcp-supply-chain-attack
- wiz.io (inline): Wiz Blog. https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
Items in briefs about TeamPCP Mini Shai-Hulud npm supply chain SLSA attestation bypass
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.