@dirigible-ai/sdk

MAL-2026-3593

npmmalware5/12/2026

Description

Malicious code in @dirigible-ai/sdk (npm)

Indicators of Compromise

SHA256 Hashes (1)

5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5

Domains (4)

git-tanstack.comfilev2.getsession.orgapi.masscan.cloudseed1.getsession.org

References (5)

https://www.aikido.dev/blog/mini-shai-hulud-is-back-tanstack-compromisedOSV https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystemOSV https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attackOSV https://tanstack.com/blog/npm-supply-chain-compromise-postmortemOSV https://snyk.io/blog/tanstack-npm-packages-compromised/OSV

Details

Ecosystemnpm

Attack Typemalware

Published5/12/2026

Quick Actions

All Incidents npm Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001