Malicious "tanstack" npm Package Exfiltrates Developer Credentials in Stealth Attack
A malicious npm package named tanstack was discovered executing a data exfiltration campaign that targeted developers by impersonating the legitimate TanStack ecosystem. The attacker exploited confusion with the trusted @tanstack organization, known for libraries such as TanStack Query and TanStack Table, by registering the unscoped tanstack package on npm.
The package, marketed as a "TanStack Player" SDK with polished documentation and branding, contained a hidden postinstall script that ran automatically on installation. Between 17:08 and 17:35 UTC on April 29, 2026, the attacker published four rapid updates (versions 2.0.4–2.0.7), each refining the malware's capabilities. The earlier version 2.0.3, released in March, showed no malicious behavior, indicating that the attack began with the introduction of the postinstall hook.
Once triggered, the script scanned for sensitive environment files, including .env, .env.local, and .env.production, and exfiltrated their contents to an attacker-controlled Svix webhook endpoint. Because the data was routed through a legitimate webhooks-as-a-service platform, the exfiltration traffic blended in with ordinary webhook requests and evaded network security tools. The stolen payload included:
- Environment file contents (e.g., AWS keys, GitHub tokens, database credentials, API keys).
- System metadata (Node.js version, OS, architecture).
- Package version and timestamp.
The script disguised the sensitive data under misleading field names such as "readme" and "agents" to obscure its true nature. The rapid version updates suggest live testing, with 2.0.6 the most dangerous: it targeted all .env.* variants, including production files.
Developers who installed versions 2.0.4–2.0.7 should assume compromise: the payload ran automatically during installation and left no persistence mechanism, so the absence of lingering artifacts on a machine does not mean its credentials were not taken. The incident underscores the risks of name-squatting attacks in open-source ecosystems, where a simple typo (e.g., tanstack vs. @tanstack/query) can lead to full credential exposure.
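The two red flags this incident combined, an install-time lifecycle script and an unscoped name that shadows a trusted scope, can be checked for in a lockfile before anything is installed. The following Node.js audit is an added example, not code from the article or from the TanStack or npm projects; the lockfile and the per-package manifests are constructed sample data, and the version list and trusted-scope list are assumptions a team would maintain themselves.

```javascript
// Audit an npm dependency tree for (a) the known-bad tanstack versions,
// (b) unscoped names that collide with a trusted scope, and
// (c) packages that declare preinstall/install/postinstall hooks.
const AFFECTED = { name: "tanstack", versions: ["2.0.4", "2.0.5", "2.0.6", "2.0.7"] };
const TRUSTED_SCOPES = ["@tanstack"]; // assumed allow-list of scopes your project relies on
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Constructed package-lock.json (lockfileVersion 3 shape) containing a squatted dependency.
const sampleLock = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@tanstack/react-query": { version: "5.0.0" },
    "node_modules/tanstack": { version: "2.0.6" },
    "node_modules/left-pad": { version: "1.3.0" },
  },
};

// Constructed manifests, keyed by package name, as read from node_modules/<name>/package.json.
const sampleManifests = {
  tanstack: { name: "tanstack", version: "2.0.6", scripts: { postinstall: "node ./setup.js" } },
  "@tanstack/react-query": { name: "@tanstack/react-query", version: "5.0.0" },
  "left-pad": { name: "left-pad", version: "1.3.0" },
};

// "node_modules/a/node_modules/@scope/pkg" -> "@scope/pkg"; the root entry "" -> null.
function packageName(lockPath) {
  const idx = lockPath.lastIndexOf("node_modules/");
  return idx === -1 ? null : lockPath.slice(idx + "node_modules/".length);
}

function auditLock(lock, manifests) {
  const findings = [];
  for (const [lockPath, entry] of Object.entries(lock.packages)) {
    const name = packageName(lockPath);
    if (!name) continue; // skip the root project itself
    if (name === AFFECTED.name && AFFECTED.versions.includes(entry.version)) {
      findings.push({ name, version: entry.version, reason: "known-malicious version" });
    }
    if (!name.startsWith("@") && TRUSTED_SCOPES.includes("@" + name)) {
      findings.push({ name, version: entry.version, reason: `unscoped name shadows trusted scope @${name}` });
    }
    const manifest = manifests[name];
    const hooks = manifest && manifest.scripts ? INSTALL_HOOKS.filter((h) => h in manifest.scripts) : [];
    if (hooks.length) {
      findings.push({ name, version: entry.version, reason: `declares install hook(s): ${hooks.join(",")}` });
    }
  }
  return findings;
}

console.log(JSON.stringify(auditLock(sampleLock, sampleManifests), null, 2));
```

Running the same audit with `npm install --ignore-scripts` as the default in CI removes the postinstall execution path entirely, and the hook finding then tells you which packages still need a deliberate exception.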
Source: https://gbhackers.com/tanstack-package-abuses-postinstall/
TanStack cybersecurity rating report: https://www.rankiteo.com/company/tanstack
npm, Inc. cybersecurity rating report: https://www.rankiteo.com/company/npm-inc-
{
  "id": "TANNPM1777897814",
  "linkid": "tanstack, npm-inc-",
  "type": "Cyber Attack",
  "date": "4/2026",
  "severity": "85",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{
  "affected_entities": [
    {
      "industry": "Software Development",
      "location": "Global",
      "name": "Developers and organizations using the malicious 'tanstack' npm package",
      "type": "Individuals and Organizations"
    }
  ],
  "attack_vector": "Malicious npm Package",
  "customer_advisories": "Developers who installed versions 2.0.4–2.0.7 of the 'tanstack' npm package should assume compromise and revoke exposed credentials.",
  "data_breach": {
    "data_exfiltration": true,
    "file_types_exposed": [".env", ".env.local", ".env.production"],
    "sensitivity_of_data": "High",
    "type_of_data_compromised": [
      "Environment variables",
      "API keys",
      "Database credentials",
      "GitHub tokens",
      "AWS keys",
      "System metadata"
    ]
  },
  "date_detected": "2026-04-29T17:35:00Z",
  "description": "A malicious npm package named 'tanstack' was discovered executing a data exfiltration campaign, targeting developers by impersonating the legitimate TanStack ecosystem. The attacker exploited confusion with the trusted @tanstack organization by registering the unscoped 'tanstack' package on npm. The package contained a hidden postinstall script that scanned for sensitive environment files and exfiltrated their contents to an attacker-controlled Svix webhook endpoint.",
  "impact": {
    "brand_reputation_impact": "Potential reputational damage to developers and organizations due to credential exposure",
    "data_compromised": "Environment file contents (AWS keys, GitHub tokens, database credentials, API keys), system metadata, package version, and timestamp",
    "identity_theft_risk": "High (if PII or sensitive credentials were exposed)",
    "operational_impact": "Potential unauthorized access to cloud services, databases, and repositories due to stolen credentials",
    "systems_affected": "Developer workstations with the malicious 'tanstack' npm package installed"
  },
  "initial_access_broker": { "entry_point": "Malicious npm package installation" },
  "investigation_status": "Ongoing",
  "lessons_learned": "The incident underscores the risks of name-squatting attacks in open-source ecosystems and the importance of verifying package names and scopes before installation.",
  "motivation": "Credential Theft",
  "post_incident_analysis": {
    "corrective_actions": "Revocation of exposed credentials, enhanced package verification processes, and monitoring for unauthorized access.",
    "root_causes": "Name-squatting attack exploiting confusion with the legitimate @tanstack organization, combined with a malicious postinstall script."
  },
  "recommendations": [
    "Verify package names and scopes before installation to avoid name-squatting attacks.",
    "Monitor for suspicious postinstall scripts in npm packages.",
    "Rotate credentials immediately if the malicious package was installed.",
    "Use tools to detect and block malicious npm packages in CI/CD pipelines."
  ],
  "references": [{ "source": "Incident Report" }],
  "response": {
    "containment_measures": "Uninstallation of the malicious package and revocation of exposed credentials",
    "enhanced_monitoring": "Monitoring for unauthorized access using stolen credentials",
    "remediation_measures": "Revocation of exposed credentials, rotation of API keys, and monitoring for unauthorized access"
  },
  "title": "Malicious 'tanstack' npm Package Exfiltrates Developer Credentials in Stealth Attack",
  "type": "Supply Chain Attack",
  "vulnerability_exploited": "Name-squatting and postinstall script execution"
}