{"id":20241,"date":"2026-05-12T08:50:00","date_gmt":"2026-05-12T08:50:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/"},"modified":"2026-05-12T08:50:00","modified_gmt":"2026-05-12T08:50:00","slug":"mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>TeamPCP, the threat actor behind the recent\u00a0supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign.<br \/>\nThe affected npm packages have been modified to include an obfuscated JavaScript file (&#8220;router_init.js&#8221;) that&#8217;s designed to profile the execution<a href=\"https:\/\/thehackernews.com\/2026\/05\/mini-shai-hulud-worm-compromises.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>TeamPCP, the threat actor behind the recent\u00a0supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (&#8220;router_init.js&#8221;) that&#8217;s designed [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":20242,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-20241","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (&quot;router_init.js&quot;) that&#039;s designed\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (&quot;router_init.js&quot;) that&#039;s designed\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2026-05-12T08:50:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2026-05-12T08:50:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (&quot;router_init.js&quot;) that&#039;s designed\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/mistral-hl6J28.jpg\",\"width\":900,\"height\":470},\"datePublished\":\"2026-05-12T08:50:00+00:00\",\"dateModified\":\"2026-05-12T08:50:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (\\\"router_init.js\\\") that's designed\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/mistral-hl6J28.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":900,\"height\":470},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/05\\\/12\\\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2026-05-12T08:50:00+00:00\",\"dateModified\":\"2026-05-12T08:50:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (\"router_init.js\") that's designed","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#blogposting","name":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2026\/05\/mistral-hl6J28.jpg","width":900,"height":470},"datePublished":"2026-05-12T08:50:00+00:00","dateModified":"2026-05-12T08:50:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#listItem","name":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/","name":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (\"router_init.js\") that's designed","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2026\/05\/mistral-hl6J28.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#mainImage","width":900,"height":470},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2026-05-12T08:50:00+00:00","dateModified":"2026-05-12T08:50:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (&quot;router_init.js&quot;) that's designed","og:url":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/","article:published_time":"2026-05-12T08:50:00+00:00","article:modified_time":"2026-05-12T08:50:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (&quot;router_init.js&quot;) that's designed"},"aioseo_meta_data":{"post_id":"20241","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2026-05-12 09:27:10","updated":"2026-05-12 09:27:10","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tMini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI &amp; More Packages info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2026\/05\/12\/mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/20241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=20241"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/20241\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/20242"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=20241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=20241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=20241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}