malware
npm
@beproduct/nestjs-auth
discovered 2026-05-12@beproduct/nestjs-auth is identified in the SafeDep analysis "Mass Supply Chain Attack Hits TanStack, Mistral AI npm and PyPI Packages". Over 400 compromised npm package versions and at least 2 PyPI packages published in a coordinated supply chain attack targeting TanStack, Mistral AI, UiPath, OpenSearch, guardrails-ai, and dozens of other packages.
Threat types
other
Malicious versions
- 0.1.2
- 0.1.3
- 0.1.4
- 0.1.5
- 0.1.6
- 0.1.7
- 0.1.8
- 0.1.9
- 0.1.10
- 0.1.11
- 0.1.12
- 0.1.13
- 0.1.14
- 0.1.15
- 0.1.16
- 0.1.17
- 0.1.18
- 0.1.19
Campaigns
Indicators
- domain git-tanstack.comcommunicates-with
- domain filev2.getsession.orgcommunicates-with
- domain 169.254.169.254communicates-with
- ipv4 169.254.169.254communicates-with
- sha256 ce7e4199506959fd7a71b64209b2c07b9c82e53a946aa7d78298dc9249230d01indicates
- sha1 79ac49eedf774dd4b0cfa308722bc463cfe5885cindicates