Vishnu Madhavan Pillai

597 posts

@tryVishnu

Entrepreneur | Co-Founder https://t.co/m4UutwUMxM | Turning Conversations into Intelligence | Professional Rabbit Hole Diver

Joined January 2025
68 Following 41 Followers
Pinned Tweet
Vishnu Madhavan Pillai@tryVishnu·
QueryGen for real estate. Now capture leads and listings from within the whatsapp groups that you may be a part of. And get matches for all your enquiries in seconds! DM for a free trial.
English
0
0
4
254
Vishnu Madhavan Pillai retweeted
jnya
jnya@jnyahu·
mom : dahi jamana me : kitna jamau mom : sara jamana me : haseeon ka diwana
Hindi
54
408
4.9K
70.2K
Vishnu Madhavan Pillai retweeted
mariana Z
mariana Z@mariana057·
I swear people go to Starbucks and just say random words... "Lemme get a grande iced mocha no foam quad soy hexagon vortex hypothesis with steamed ice"
English
178
294
3K
383.3K
Vishnu Madhavan Pillai retweeted
sudox
sudox@kmcnam1·
sudox tweet media
ZXX
42
962
13.5K
348.9K
Vishnu Madhavan Pillai retweeted
Daily Memes
Daily Memes@thedailymemes_·
This cracked me up 🤣
English
56
718
7.5K
403K
Vishnu Madhavan Pillai retweeted
ARI
ARI@ARIPBITCH·
they said matcha taste like photosynthesis😭
English
452
7.5K
58.4K
1.3M
Vishnu Madhavan Pillai retweeted
𐌁𐌉Ᏽ 𐌕𐌉𐌌𐌉
YouTubers be like “wake up at 4am and run, that’s alpha!” No, it’s not. Look at apex predators; they’re all lazy. Bears hibernate, lions sleep all day. You know who wakes up at 4am and runs? Squirrels.
English
819
23.6K
230.6K
3.3M
Vishnu Madhavan Pillai retweeted
Programmer Humor
Programmer Humor@PR0GRAMMERHUM0R·
continueFromHereClaude
Programmer Humor tweet media
English
87
1.4K
16.7K
354K
Vishnu Madhavan Pillai retweeted
The Shift Journal
The Shift Journal@TheShiftJournal·
Your death will come on an ordinary day, in the middle of unfinished plans, and the world will continue without you.
English
9
173
705
35.7K
Vishnu Madhavan Pillai retweeted
Philosway
Philosway@philosway·
“People have beautiful things to say about you, but you must die first.” — Fyodor Dostoevsky
Philosway tweet media
English
234
11K
47.5K
774.9K
Vishnu Madhavan Pillai retweeted
Ana Maria
Ana Maria@achadosviraisof·
I like talking to people who know that this is not a hat.
Ana Maria tweet media
Portuguese
1.5K
6.1K
51.3K
9.3M
Vishnu Madhavan Pillai retweeted
Low Level
Low Level@LowLevelTweets·
I would go longer than 2 days, probably a week or two, but this is great advice
🇮🇹 Massimo De Luisa@massimodeluisa

Easier way to protect yourself (if you are not infected yet) is to set a minimum release age in your package manager.
For @npmjs: `npm config set min-release-age=2d`
For @pnpmjs: `pnpm config set minimumReleaseAge 2880`
For @bunjavascript:
```
# In bunfig.toml
[install]
minimumReleaseAge = 172800
```
For Yarn: `yarn config set npmMinimalAgeGate "48h"`

English
41
76
1.4K
220.2K
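The four settings quoted above all enforce the same rule: ignore any version whose registry publish timestamp is younger than the configured window, so a freshly pushed malicious release is not selected until it has had time to be noticed and unpublished. The following is an added example (not code from npm, pnpm, bun, Yarn or the tweet's author) that models that rule offline against a constructed registry document shaped like the npm registry's `time` map, and also turns it around into a triage check over an installed set: which installed versions were published inside the window. The package name, version numbers, timestamps and "now" are all constructed.

```python
"""Added example: what a minimum-release-age gate does, worked offline.
Not npm/pnpm/bun/yarn code; it models the rule those settings enforce."""
from datetime import datetime, timedelta, timezone

# Constructed packument in the shape the npm registry returns: the "time"
# map holds one ISO-8601 publish timestamp per version (plus created/modified).
SAMPLE_PACKUMENT = {
    "name": "example-lib",
    "dist-tags": {"latest": "1.4.0"},
    "time": {
        "created": "2025-01-05T10:00:00.000Z",
        "modified": "2025-02-01T09:30:00.000Z",
        "1.2.0": "2025-01-05T10:00:00.000Z",
        "1.3.0": "2025-01-20T10:00:00.000Z",
        "1.4.0": "2025-02-01T09:30:00.000Z",  # the freshly pushed release
    },
}


def parse_npm_time(ts):
    """npm timestamps end in 'Z'; fromisoformat wants an explicit offset."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def version_key(v):
    """Order plain x.y.z versions numerically (pre-release tags are ignored here)."""
    return tuple(int(p) for p in v.split("-")[0].split("."))


def eligible_versions(packument, min_age, now):
    """Versions published at least min_age before now, i.e. what the gate allows."""
    cutoff = now - min_age
    return [v for v, ts in packument["time"].items()
            if v not in ("created", "modified") and parse_npm_time(ts) <= cutoff]


def pick_version(packument, min_age, now):
    """Newest version that passes the gate, or None if nothing is old enough yet."""
    ok = eligible_versions(packument, min_age, now)
    return max(ok, key=version_key) if ok else None


def flag_recent_installs(installed, packuments, min_age, now):
    """Triage helper: installed (name, version) pairs published inside the window."""
    cutoff = now - min_age
    flagged = []
    for name, version in installed.items():
        ts = packuments.get(name, {}).get("time", {}).get(version)
        if ts and parse_npm_time(ts) > cutoff:
            flagged.append((name, version))
    return flagged


if __name__ == "__main__":
    now = datetime(2025, 2, 2, tzinfo=timezone.utc)  # constructed "now"
    print("no gate    ->", pick_version(SAMPLE_PACKUMENT, timedelta(0), now))
    print("2-day gate ->", pick_version(SAMPLE_PACKUMENT, timedelta(days=2), now))
    print("flagged    ->", flag_recent_installs({"example-lib": "1.4.0"},
                                               {"example-lib": SAMPLE_PACKUMENT},
                                               timedelta(days=2), now))
```

With the constructed data, `latest` points at 1.4.0 but a two-day gate resolves to 1.3.0, which is the whole effect of the settings in the tweet; the same timestamp comparison run over a lockfile answers the incident-response question "did I install anything published in the last 48 hours".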
Vishnu Madhavan Pillai retweeted
International Cyber Digest
International Cyber Digest@IntCyberDigest·
‼️🚨 UPDATE: The TanStack npm attack is now a full campaign. 'Mini' Shai-Hulud has hit:
- OpenSearch
- Mistral AI
- Guardrails AI
- UiPath
- Squawk packages across npm and PyPI
The malware specifically targets AI developer tooling. It hooks into Claude Code (.claude/settings.json) and VS Code (.vscode/tasks.json) to re-execute on every tool event, long after the infected package is gone. npm uninstall does not fix this.
International Cyber Digest@IntCyberDigest

‼️🚨 BREAKING: A new npm supply-chain attack uses a dead-man's switch. The payload plants a watcher on your machine that nukes your home directory the second you revoke the GitHub token it stole from you. The compromise happened today, across 42 official tanstack npm packages, 84 malicious versions in total. tanstack/react-router alone pulls more than 12 million weekly downloads. The attacker forked TanStack's repository and pushed a single hidden commit. From there, they tricked TanStack's own release system into signing the malicious packages as if they were the real thing. To npm, and to anyone checking the cryptographic proof of origin (SLSA provenance), the poisoned versions looked 100% legitimate. Maintainer Tanner Linsley confirmed the whole team had 2FA enabled. It didn't matter. This is the first documented npm worm in history that ships with a valid, signed certificate of authenticity, the same one defenders rely on to know a package wasn't tampered with.

English
129
744
4K
2.7M
Vishnu Madhavan Pillai retweeted
Socket
Socket@SocketSecurity·
🚨 UPDATE: Mini Shai-Hulud has crossed from @npmjs into @pypi and is still spreading. Newly confirmed compromised artifacts:
@opensearch-project/opensearch: 3.5.3, 3.6.2, 3.7.0, 3.8.0 (1.3M weekly downloads)
mistralai: 2.4.6 on PyPI
guardrails-ai: 0.10.1 on PyPI
additional @squawk/* packages on npm
guardrails-ai 0.10.1 executes malicious code on import. On Linux, it downloads git-tanstack[.]com/transformers.pyz, writes it to /tmp/transformers.pyz, and runs it with python3 without integrity verification.
The git-tanstack[.]com domain displayed a message signed “With Love TeamPCP,” along with: “We've been online over 2 hours now stealing creds Regardless I just came to say hello :^)” The page also linked to a YouTube video and you can probably guess which one.
Socket tweet media
English
62
487
2.3K
960.7K
Vishnu Madhavan Pillai retweeted
Aikido Security
Aikido Security@AikidoSecurity·
🚨 Update: @mistralai npm packages are now confirmed compromised as part of the ongoing Mini Shai Hulud attack. Affected versions:
@mistralai/mistralai 2.2.2, 2.2.3, 2.2.4
@mistralai/mistralai-azure 1.7.1, 1.7.2, 1.7.3
@mistralai/mistralai-gcp 1.7.1, 1.7.2, 1.7.3
If you use the Mistral SDK in any CI pipeline, treat your environment as compromised. Rotate npm tokens, GitHub PATs, and cloud credentials immediately.
Aikido Security@AikidoSecurity

🚨 Update: Mini Shai-Hulud supply chain attack is back and hit the TanStack npm ecosystem today. At least 84 packages were compromised in two waves starting at 19:20 UTC. @tanstack/react-router, @tanstack/history, @tanstack/router-core, and dozens more across tens of millions of weekly downloads. This is likely from the same TeamPCP campaign behind the SAP npm compromise two weeks ago. If you ran npm install on any @tanstack package today, treat your environment as compromised. Rotate GitHub tokens, npm tokens, cloud credentials, and CI secrets immediately. Tanner Linsley confirmed affected versions have been unpublished.

English
21
126
769
838.4K
Vishnu Madhavan Pillai retweeted
International Cyber Digest
International Cyber Digest@IntCyberDigest·
🚨 How the TanStack npm attack actually happened:
1. Attacker opened a normal-looking pull request (#7378) on the TanStack repo.
2. GitHub automatically ran CI tests on that PR.
3. Code inside the PR stole the workflow's GitHub Actions Cache write token during the test run.
4. The attacker used that token to plant poisoned files in the shared build cache. The PR could be closed afterwards. The poisoned cache stays.
5. The official release workflow later pulled from the cache, baked the malicious files into the build, and signed and published 84 malicious package versions to npm.
Adnan Khan@adnanthekhan

This attack leveraged GitHub Actions Cache Poisoning. Payload deployed here: github.com/TanStack/route… It looks like it detonated here: github.com/TanStack/route… (#step:26:2)

English
61
574
4.7K
806.7K
Vishnu Madhavan Pillai retweeted
nader dabit
nader dabit@dabit3·
This is crazy. The hacker installed a dead-man's switch that will wipe your computer if you revoke the GitHub token they stole from you. Revoking the token is what triggers the wipe.
nader dabit tweet media
TANSTACK@tan_stack

SECURITY ADVISORY — TanStack npm packages
A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package.
Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down.
Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys.
If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised:
• Rotate cloud, GitHub, and SSH credentials immediately
• Audit cloud audit logs for the last several hours
• Pin to a prior known-good version and reinstall from a clean lockfile
Detection — the malicious manifest contains:
"optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." }
Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root).
Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level.
Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route…
Credit to the security researcher for responsible disclosure.

English
145
1K
9.6K
1.7M
Vishnu Madhavan Pillai retweeted
TANSTACK
TANSTACK@tan_stack·
SECURITY ADVISORY — TanStack npm packages
A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package.
Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down.
Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys.
If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised:
• Rotate cloud, GitHub, and SSH credentials immediately
• Audit cloud audit logs for the last several hours
• Pin to a prior known-good version and reinstall from a clean lockfile
Detection — the malicious manifest contains:
"optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." }
Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root).
Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level.
Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route…
Credit to the security researcher for responsible disclosure.
English
136
981
3.9K
3.9M
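The advisory above gives a manifest-level indicator (an `optionalDependencies` entry named `@tanstack/setup` resolving to a git URL) and describes the delivery mechanism (a git-resolved optional dependency whose `prepare` script runs a `router_init.js` smuggled into the tarball root). The following is an added example, not TanStack's, npm's or any vendor's tooling, of an offline scanner that walks a `node_modules` tree and reports those indicators. It goes slightly beyond the advisory: any dependency spec that resolves from git rather than the registry is reported for review, since the registry's provenance checks do not cover such specs, while the exact name from the advisory is reported as HIGH. The commit hash in the advisory is truncated, so the sample tree uses an obvious placeholder; every package name, version and file in the sample tree is constructed for the demonstration.

```python
"""Added example: offline scanner for the manifest indicators in the TanStack advisory.
Not TanStack's or npm's own tooling; all sample data below is constructed."""
import json
import re
import tempfile
from pathlib import Path

# Dependency specs that npm resolves from git rather than from the registry.
GIT_SPEC = re.compile(r"^(git\+|git://|git@|github:|gitlab:|bitbucket:|https?://(www\.)?github\.com/)")
INDICATOR_NAME = "@tanstack/setup"   # optionalDependency named in the advisory
PAYLOAD_FILE = "router_init.js"      # file the advisory says sat at each tarball root
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def manifest_findings(manifest, pkg_dir=None):
    """Return (severity, message) tuples for one parsed package.json."""
    findings = []
    for field in ("optionalDependencies", "dependencies", "devDependencies"):
        for name, spec in (manifest.get(field) or {}).items():
            if isinstance(spec, str) and GIT_SPEC.match(spec):
                sev = "HIGH" if name == INDICATOR_NAME else "REVIEW"
                findings.append((sev, f"{field}.{name} resolves from git: {spec}"))
    scripts = manifest.get("scripts") or {}
    for hook in LIFECYCLE_HOOKS:
        cmd = scripts.get(hook)
        if cmd and PAYLOAD_FILE in cmd:
            findings.append(("HIGH", f"scripts.{hook} runs {PAYLOAD_FILE}: {cmd}"))
    if pkg_dir is not None and (Path(pkg_dir) / PAYLOAD_FILE).is_file():
        findings.append(("HIGH", f"{PAYLOAD_FILE} present at package root"))
    return findings


def scan_node_modules(root):
    """Walk every package.json under root; return {package name: findings}."""
    report = {}
    for manifest_path in sorted(Path(root).rglob("package.json")):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or not JSON: skip rather than abort the scan
        findings = manifest_findings(manifest, manifest_path.parent)
        if findings:
            report[manifest.get("name", str(manifest_path))] = findings
    return report


def build_sample_tree(root):
    """Constructed node_modules: one clean package, one carrying the advisory's indicator."""
    root = Path(root)
    clean = root / "node_modules" / "left-pad-like"
    clean.mkdir(parents=True)
    (clean / "package.json").write_text(json.dumps({
        "name": "left-pad-like", "version": "1.0.0",
        "dependencies": {"tslib": "^2.0.0"}}))
    bad = root / "node_modules" / "@tanstack" / "example-router"
    bad.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps({
        "name": "@tanstack/example-router", "version": "0.0.0-constructed",
        # PLACEHOLDER_COMMIT stands in for the hash the advisory truncates
        "optionalDependencies": {INDICATOR_NAME: "github:tanstack/router#PLACEHOLDER_COMMIT"}}))
    (bad / PAYLOAD_FILE).write_text("// constructed stand-in file, not the real payload\n")
    return root


def demo():
    """Scan the constructed tree and return the report (used by the self-check)."""
    with tempfile.TemporaryDirectory() as tmp:
        return scan_node_modules(build_sample_tree(tmp) / "node_modules")


if __name__ == "__main__":
    for pkg, findings in demo().items():
        for sev, msg in findings:
            print(f"[{sev}] {pkg}: {msg}")
```

Point `scan_node_modules` at a real `node_modules` directory to run it over an installed tree; a clean install produces an empty report, and a REVIEW entry simply means a dependency was fetched from git and deserves a look, which is a useful audit on its own.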