TanStack npm Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack
The Socket Threat Research team detected a compromise across 84 npm package artifacts in the tanstack namespace. Affected packages were modified to add a suspected credential stealer targeting various CI systems, including GitHub Actions. All packages were flagged by Socket AI Scanner in six minutes or less after publication. Several of the newly turned malicious packages, like pkg:npm/@ta...
Read more at socket.dev