Guide

Mini Shai-Hulud npm worm: detect, rotate, and shrink your blast radius

16 mai 2026 | 8 min read

TanStack, Mistral AI, and UiPath npm packages got hit on May 11, 2026. A 60-second detection script, a rotation-first checklist, and the single-purpose APIs that replace four of the most-poisoned package types.

Code on a terminal representing an npm supply chain incident response — Photo by Caspar Camille Rubin on Unsplash

This article is available in English.

Read full article in English

Commencez a construire avec botoi

150+ endpoints API pour la recherche, le traitement de texte, la generation d'images et les utilitaires pour developpeurs. Offre gratuite, sans carte bancaire.

Voir la documentation API Voir tous les outils