
OpenAI said it found no evidence that user data was exposed following a security issue linked to a supply chain attack involving the TanStack npm open source library.
The company said in a security update posted on its official website that the issue was part of a broader software supply chain attack campaign known as “Mini Shai-Hulud” that targeted open source developer ecosystems including npm and PyPI.
What happened?
According to a postmortem report published by TanStack on May 11, attackers released 84 malicious builds in 42 @tanstack/* npm packages after exploiting weaknesses in the GitHub Actions workflows and CI/CD caching systems.
Cybersecurity firm Snyk and security researchers cited in the Tom’s Hardware report said the malicious packages were designed to steal credentials such as GitHub tokens, cloud API keys, npm credentials, and CI/CD secrets from infected systems.
The attack was part of a broader campaign affecting several developer ecosystems and software projects, including packages associated with Mistral AI, UiPath and OpenSearch, according to security researchers and Reddit community discussions.
What did OpenAI say?
In its official response, OpenAI said that two employee devices in its corporate environment were affected by the attack. The company said it had seen “unauthorized access and credential exfiltration” involving a limited subset of internal source code repositories accessible to those employees.
OpenAI said via security updates disclosed on its official website that only limited credential material had been exfiltrated and that it had found no evidence that customer data, production systems, intellectual property or software code had been compromised.
The company added that as a precaution, it isolated affected systems, terminated sessions, rotated credentials and updated security certificates for some products.
Why does it matter?
The incident has renewed scrutiny of security risks in open source software supply chains, particularly ecosystems like npm that are widely used in the tech industry, following a series of recent attacks targeting popular JavaScript packages and developer tools, according to reports from Ars Technica and CSO Online.
Academic and industry studies have repeatedly warned of the growing risks posed by malicious npm packages and compromised administrator accounts. In a 2021 research paper titled “What are weak links in the npm supply chain?”, researchers from Microsoft, North Carolina State University and other institutions found that attackers could potentially hijack thousands of npm packages through weak administrator account protection and other vulnerabilities in the ecosystem.
Other academic studies on software supply chain attacks have also documented the growing abuse of package managers such as npm and PyPI to distribute malware and compromise downstream users and businesses, including the 2020 paper “Backstabber’s Knife Collection: Review of Open Source Software Supply Chain Attacks” and a later study examining the detection of malicious packages across the npm and PyPI ecosystems.





