malware
npm
@uipath/vertical-solutions-tool
discovered 2026-05-12@uipath/vertical-solutions-tool is identified in the SafeDep analysis "Mass Supply Chain Attack Hits TanStack, Mistral AI npm and PyPI Packages". Over 400 compromised npm package versions and at least 2 PyPI packages published in a coordinated supply chain attack targeting TanStack, Mistral AI, UiPath, OpenSearch, guardrails-ai, and dozens of other packages.
Threat types
other
Malicious versions
- 1.0.1
Campaigns
Indicators
- domain git-tanstack.comcommunicates-with
- domain filev2.getsession.orgcommunicates-with
- domain 169.254.169.254communicates-with
- ipv4 169.254.169.254communicates-with
- sha256 ce7e4199506959fd7a71b64209b2c07b9c82e53a946aa7d78298dc9249230d01indicates
- sha1 79ac49eedf774dd4b0cfa308722bc463cfe5885cindicates