Analysis of Malware Compromise in 42 TanStack npm Packages

Summary of Malware Vulnerabilities in 42 @tanstack/ Packages Vulnerability Overview Release Time: 2026-05-11 19:20 - 19:26 UTC Attack Vector: Attackers exploited GitHub Actions OIDC-trusted publisher binding via the mechanism to inject malicious code into the TanStack/router repository. Malicious Behaviors: - Stealing cloud credentials (AWS, GCP, Kubernetes, HashiCorp Vault) - Stealing GitHub tokens and SSH private keys - Exfiltrating data via the SessionOwl messenger network - Propagating malware to other packages Impact Scope List of Affected Packages (42 total): @tanstack/arktype-adapter (1.166.12, 1.166.15) @tanstack/eslint-plugin-router (1.161.9, 1.161.12) @tanstack/eslint-plugin-start (0.0.4, 0.0.7) @tanstack/history (1.161.9, 1.161.12) @tanstack/nitro-v2-vite-plugin (1.154.12, 1.154.15) @tanstack/react-router (1.169.5, 1.169.8) @tanstack/react-router-devtools (1.166.16, 1.166.19) @tanstack/react-router-ssr-query (1.166.15, 1.166.18) @tanstack/react-start (1.167.68, 1.167.71) @tanstack/react-start-client (1.166.51, 1.166.54) @tanstack/react-start-rsc (0.0.47, 0.0.50) @tanstack/react-start-server (1.166.55, 1.166.58) @tanstack/router-cli (1.166.46, 1.166.49) @tanstack/router-core (1.169.5, 1.169.8) @tanstack/router-devtools (1.166.16, 1.166.19) @tanstack/router-devtools-core (1.167.6, 1.167.9) @tanstack/router-generator (1.166.45, 1.166.48) @tanstack/router-plugin (1.167.38, 1.167.41) @tanstack/router-ssr-query-core (1.168.3, 1.168.6) @tanstack/router-utils (1.161.11, 1.161.14) @tanstack/router-vite-plugin (1.166.53, 1.166.56) @tanstack/solid-router (1.169.5, 1.169.8) @tanstack/solid-router-devtools (1.166.16, 1.166.19) @tanstack/solid-router-ssr-query (1.166.15, 1.166.18) @tanstack/solid-start (1.167.65, 1.167.68) @tanstack/solid-start-client (1.166.50, 1.166.53) @tanstack/solid-start-server (1.166.54, 1.166.57) @tanstack/start-client-core (1.168.5, 1.168.8) @tanstack/start-fn-stubs (1.161.9, 1.161.12) @tanstack/start-plugin-core (1.169.23, 1.169.26) @tanstack/start-server-core (1.167.33, 1.167.36) @tanstack/start-static-server-functions (1.166.44, 1.166.47) @tanstack/start-storage-context (1.166.38, 1.166.41) @tanstack/valibot-adapter (1.166.12, 1.166.15) @tanstack/virtual-file-routes (1.161.10, 1.161.13) @tanstack/vue-router (1.169.5, 1.169.8) @tanstack/vue-router-devtools (1.166.16, 1.166.19) @tanstack/vue-router-ssr-query (1.166.15, 1.166.18) @tanstack/vue-start (1.167.61, 1.167.64) @tanstack/vue-start-client (1.166.46, 1.166.49) @tanstack/vue-start-server (1.166.50, 1.166.53) @tanstack/zod-adapter (1.166.12, 1.166.15) Remediation Fixed Versions: All affected packages have corresponding fixed versions (e.g., @tanstack/arktype-adapter is fixed to 1.166.16). Temporary Mitigations: 1. Pin @tanstack/ dependencies to known-good versions released prior to 2026-05-11 19:00 UTC. 2. Delete and lockfiles, then reinstall to ensure dependencies resolve correctly (note: this instruction in the source text contains a logical error; it likely meant to ensure it does not resolve to the malicious version, or simply that you must re-verify after cleaning). 3. Configure npm to skip lifecycle scripts: 4. Audit CI runners that executed within the affected time window. POC/Exploit Code Malicious Dependency Configuration Malicious Script File List of Malicious Files (~2.3 MB obfuscated JavaScript, located in the package root, not declared in ) (helper file in an orphan commit) Malicious Git Reference Exfiltration Network Second-Stage Payload URLs Attacker GitHub Accounts (id 127806521) (id 269549300) Attacker Fork Configuration

Goal Reached Thanks to every supporter — we hit 100%!

Analysis of Malware Compromise in 42 TanStack npm Packages

More from this source