OpenAI Confirms Security Breach Linked to AI Malware Campaign
OpenAI says malware tied to the Shai-Hulud supply chain attack accessed internal repositories after infecting two employee devices.
Showing 1–2 of 2
OpenAI says malware tied to the Shai-Hulud supply chain attack accessed internal repositories after infecting two employee devices.
The post OpenAI says no user data exposed after TanStack npm supply chain attack hit employee devices appeared on BitcoinEthereumNews.com. OpenAI has admitted that two employee devices were compromised through malicious versions of TanStack npm packages. The company is insisting that no evidence that user data, production systems, or intellectual property were tampered with was found. Was OpenAI hacked? OpenAI has confirmed that malicious actors breached two of its employee devices as part of a massive software supply chain campaign called “Mini Shai-Hulud.” OpenAI previously deployed controls to limit supply chain attack exposure after an incident with Axios, but the two affected employee devices had not yet received the updated configurations that would have blocked the malicious package download. The attack targeted TanStack, an open-source library used by millions of developers. The attackers published 84 malicious versions across 42 npm packages, including the popular @tanstack/re