A malicious npm package named “tanstack” has been discovered deploying a stealthy data exfiltration campaign, targeting developers through a deceptive naming strategy and a hidden postinstall script. The package, impersonating the well-known TanStack ecosystem, was weaponized to steal sensitive environment files immediately after installation. The attacker registered the unscoped tanstack package name on npm, exploiting confusion with the legitimate @tanstack organization, […] The post Malicious TanStack Package Abuses Postinstall Script to Steal Developer Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/tanstack-package-abuses-postinstall/
