与「TanStack」相关的搜索结果

用心极其险恶！#TanStack# 供应链攻击中黑客预留死人开关，检测到开发者吊销令牌后执行 rm -rf ~/ 命令。相关恶意脚本位于~/.local/bin/ 目录，里面的检测脚本会每 60 秒查询 1 次窃取的 GitHub 令牌，如果令牌被撤销就会触发死人开关，从而执行 rm 命令删除开发者的所有文件：

🚨 MistEye TI Alert 🚨 MistEye has detected a highly sophisticated npm worm, "Mini Shai-Hulud," spreading through trusted developer projects like TanStack, UiPath, and DraftLab. The attackers hijacked GitHub credentials to publish malicious, yet seemingly legitimate, package updates. The malware injects a heavily disguised hidden script (router_init.js) that runs silently in the background of CI/CD environments (like GitHub Actions). It is specifically designed to harvest highly sensitive data, including CI/CD secrets, cloud infrastructure keys, and cryptocurrency wallets. The stolen data is then stealthily smuggled out using GitHub's own infrastructure. We have synchronized these critical IOCs with our clients. If your projects utilize the affected packages, immediate action is required: please audit your CI/CD pipelines for the presence of the router_init.js file, rotate all exposed GitHub, cloud, and crypto credentials, and closely monitor your development environments for any unauthorized background activity. As always, stay vigilant!

🎉 大家新年好哇，我的第 3 个模板正式发布啦 🎉 新模板名称是 TanStarter，不是叫 MkFast 哈 TanStarter是一个全面拥抱 TanStack + Cloudflare 的 SaaS 模板，具有更快的开发效率和更低的上站成本。TanStack 框架主要负责效率快，Cloudflare主要负责低成本，用Cloudflare免费套餐就可以部署上线无数网站了。 技术栈： 1、框架：TanStack Start + Router + Query @tan_stack 2、数据库：Cloudflare D1 + Drizzle @DrizzleORM 3、存储：Cloudflare R2 4、身份认证：Better Auth @better_auth 5、支付：Stripe @stripe 6、UI： Shadcn/UI + BaseUI @shadcn + @base_ui 7、部署： Cloudflare Workers @Cloudflare 官网： tanstarter. dev 请注意这次是 dev 域名，tanstack 官网也是 dev 域名 👉 👈