1004: TanHacked
Scott and Wes break down the “Mini Shai-Hulud” supply chain attack that compromised TanStack and other popular npm packages through a clever GitHub Actions cache poisoning exploit: a self-propagating worm that stole credentials and persisted through Claude Code hooks and VS Code tasks. They also cover how developers can protect themselves using pnpm’s security defaults, dev containers, and other practical defenses.

Show Notes

- 00:00 Welcome to Syntax!
- 00:25 Understanding the Shai-Hulud Worm
  - Post Mortem of Shai Hulud Attack
- 02:47 Mechanics of the Attack: GitHub Actions and Cache
  - How the attack happened
  - Who Was Involved in the Attack
  - Several npm latest releases are compromised
  - Socket.dev
  - Step Security
- 05:44 Brought to you by Sentry.io
- 06:09 Propagation and Impact of the Worm
- 09:30 Preventative Measures for Developers
  - Dead Man’s Switch
- 12:33 The Role of Package Managers in Security
  - Block Exotic Subdeps
- 18:39 Using Dev Containers
  - Why You Should Use Dev Containers
  - Scott Tolinski’s Security Review
- 20:57 Conclusion and Final Thoughts
  - Sentry has Skills!