OpenAI has disclosed that two employee devices were compromised in the TanStack supply chain attack, with credential material exfiltrated from internal source code repositories. The attack, which struck TanStack on May 11, involved the TeamPCP hacking group exploiting weaknesses in the package publishing process to release 84 malicious artifacts across 42 packages; over 170 packages across several high-profile NPM and PyPI namespaces were affected on the same day.
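The practical question for anyone who depends on the affected namespaces is whether one of the malicious versions landed in a lockfile. The following checker is an added example, not code from OpenAI, TanStack or the reporting above: it walks an npm package-lock.json (lockfileVersion 2/3 "packages" map, with the v1 "dependencies" tree as fallback) and a pip freeze listing, and reports any (package, version) pair that appears in an advisory map. The package names, versions and lockfile contents are constructed for illustration; the real compromised versions must be taken from the vendor advisories.

```python
"""Match npm and PyPI lockfiles against a list of known-malicious versions.

Added example. ADVISORY, SAMPLE_LOCK and SAMPLE_FREEZE are constructed
placeholders, not the actual TanStack advisory data.
"""
import json
import re

# Constructed advisory: ecosystem -> package -> set of malicious versions.
# PyPI names are stored in PEP 503 normalized form (lowercase, [-_.] runs -> "-").
ADVISORY = {
    "npm": {
        "@example/query-core": {"5.99.1", "5.99.2"},
        "example-router": {"1.0.13"},
    },
    "pypi": {
        "example-fastapi-utils": {"0.2.7"},
    },
}


def normalize_pypi(name: str) -> str:
    """PEP 503 name normalization so 'Example_FastAPI.Utils' matches the advisory."""
    return re.sub(r"[-_.]+", "-", name).lower()


def npm_lockfile_packages(lock: dict):
    """Yield (name, version) for every installed package in a package-lock.json."""
    pkgs = lock.get("packages")
    if pkgs:
        # lockfileVersion 2/3: keys are install paths such as
        # "node_modules/@scope/name" or "node_modules/a/node_modules/b".
        for path, meta in pkgs.items():
            if not path:
                continue  # "" is the root project itself
            name = meta.get("name") or path.split("node_modules/")[-1]
            if "version" in meta:
                yield name, meta["version"]
        return

    def walk(deps):
        # lockfileVersion 1: nested "dependencies" tree keyed by package name.
        for name, meta in deps.items():
            if "version" in meta:
                yield name, meta["version"]
            yield from walk(meta.get("dependencies", {}))

    yield from walk(lock.get("dependencies", {}))


def pip_freeze_packages(text: str):
    """Yield (normalized_name, version) from 'pip freeze' / pinned requirements output."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r"^([A-Za-z0-9_.\-]+)==([^\s;]+)", line)
        if m:
            yield normalize_pypi(m.group(1)), m.group(2)


def find_hits(ecosystem: str, packages, advisory=ADVISORY):
    """Return sorted (name, version) pairs present in both the lockfile and the advisory."""
    bad = advisory.get(ecosystem, {})
    return sorted({(n, v) for n, v in packages if v in bad.get(n, ())})


# Constructed sample inputs: one npm hit, one PyPI hit, plus benign packages.
SAMPLE_LOCK = {
    "name": "demo",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo", "version": "0.0.1"},
        "node_modules/@example/query-core": {"version": "5.99.2"},
        "node_modules/example-router": {"version": "1.0.12"},
        "node_modules/left-pad": {"version": "1.3.0"},
    },
}
SAMPLE_FREEZE = "Example_FastAPI.Utils==0.2.7\nrequests==2.32.3\n"


def scan_samples():
    """Run both checks over the constructed samples; used as the stand-alone demo."""
    return {
        "npm": find_hits("npm", npm_lockfile_packages(SAMPLE_LOCK)),
        "pypi": find_hits("pypi", pip_freeze_packages(SAMPLE_FREEZE)),
    }


if __name__ == "__main__":
    # Real usage: json.load(open("package-lock.json")) and open("freeze.txt").read()
    print(json.dumps(scan_samples(), indent=2))
```

Version strings are compared exactly, which is what an advisory listing specific malicious artifacts calls for; a range-based check (for example "everything published after a given date") would need the registry's publish timestamps, which this offline checker does not fetch.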
OpenAI says the compromise granted the attackers access to several internal repositories the two employees could reach, but that only limited credential material was exfiltrated and no other information or code was affected.
The company says it rotated credentials across the affected repositories, revoked user sessions and temporarily restricted code-deployment workflows. Some of the compromised repositories held code-signing certificates; OpenAI has revoked those certificates and re-signed its applications with new ones, which is why it says it is updating security certificates to prevent distribution of fake apps. macOS users will need to update their applications by 12 June 2026, after which older versions signed with the revoked certificates may stop functioning.