safe-action

MAL-2026-3590

npmmalware5/12/2026

Description

Malicious code in safe-action (npm)

Indicators of Compromise

SHA256 Hashes (2)

dd0e257c2958e16d803f002f996ebb83aae4ecc32bf71320bf985b936996e634

5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5

Domains (4)

git-tanstack.comfilev2.getsession.orgapi.masscan.cloudseed1.getsession.org

References (6)

https://github.com/advisories/GHSA-w3x2-675q-gpfqOSV https://www.aikido.dev/blog/mini-shai-hulud-is-back-tanstack-compromisedOSV https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystemOSV https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attackOSV https://tanstack.com/blog/npm-supply-chain-compromise-postmortemOSV https://snyk.io/blog/tanstack-npm-packages-compromised/OSV

Details

Ecosystemnpm

Attack Typemalware

Published5/12/2026

Aliases

GHSA-w3x2-675q-gpfq

Quick Actions

All Incidents npm Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001