Mini Shai-Hulud Is Back: npm Worm Hits over 160 Packages, including Mistral and Tanstack

Why It Matters The recent npm worm attack, dubbed Mini Shai-Hulud, has significant implications for the developer community. According to a report on aikido.de, the attack has affected over 160 packages, including popular ones like Mistral and Tanstack. This raises concerns about the security and reliability of open-source software, as a single compromised package can have far-reaching consequences. The attack highlights the vulnerabilities in the npm ecosystem, where a single malicious package can spread to numerous dependent packages.