#oidc-token-theft

Information security
from TNW | OpenAI
2 hours ago

OpenAI says no user data was touched in the TanStack npm worm

Malicious TanStack npm packages were published via the legitimate release pipeline after a hijacked GitHub Actions runner exfiltrated an OIDC token mid-build.