When One Hack Hits Dozens of Companies at Once

Here's what makes supply chain attacks so unsettling: hackers don't need to break into your front door. They just need to get into a tool you already trust. Earlier this week, that's exactly what happened when attackers hijacked several open source projects used by dozens of companies — pushing out malicious updates designed to spread malware. It's the latest in a growing wave of these kinds of attacks, and OpenAI got caught in the crossfire.

On Wednesday, OpenAI confirmed that two of its employees had their devices compromised. And while the company says its investigation found no evidence that user data, production systems, intellectual property, or software were touched, some data was stolen — specifically, credentials from a limited set of internal source code repositories that those two employees had access to.

How the TanStack Attack Actually Worked

The entry point was TanStack, a widely used family of open source JavaScript libraries that developers pull into web apps as dependencies. On Monday, TanStack published a post-mortem disclosing what happened: during a six-minute window, the attackers pushed 84 malicious versions of its packages to the package registry. A researcher caught it within 20 minutes, which is honestly impressive, but by then the damage was already done: anyone whose build installed or updated to one of those versions while they were live pulled in the poisoned code.

The malicious versions weren't just sitting there dormant. They carried malware built to steal credentials (the tokens, keys and session material developers keep on their machines) from any system the package was installed on, and to self-propagate, spreading itself to other systems automatically. That's a nasty combination: the credential theft gives the attacker access, and the self-propagation turns each infected machine into a new distribution point.

OpenAI's affected employees had installed the compromised TanStack versions, which ran the credential stealer on their machines and gave the attackers a foothold. From there, unauthorized access reached a limited subset of internal repositories.
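The detail that matters for defenders is the timeline: the malicious versions were live for minutes, and any build that resolved a dependency to a brand-new version during that window got them. One practical check is to audit a lockfile and flag any installed version that was published less than a few days ago, so that a freshly hijacked release cannot land in a build before the community has had time to notice. The script below is an added example written for this article; it is not code from TanStack, OpenAI or the original post. It assumes an npm-style package-lock.json layout, and the lockfile, package names, versions and registry publish timestamps are all constructed for illustration (the real npm registry exposes a per-package "time" map of version to publish date, which is what the stand-in dictionary imitates).

```python
"""Flag lockfile dependencies whose resolved version was published too recently.

Added example for this article (not TanStack's or OpenAI's code). Package names,
versions and timestamps below are constructed, not real registry data.
"""
import json
from datetime import datetime, timedelta, timezone

# Constructed sample package-lock.json in the npm lockfileVersion 3 shape.
SAMPLE_LOCK = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"@example/query": "^5.0.0", "left-pad-ish": "1.3.0"}},
        "node_modules/@example/query": {"version": "5.0.7"},
        "node_modules/left-pad-ish": {"version": "1.3.0"},
    },
})

# Constructed stand-in for registry metadata: package -> version -> ISO publish time.
SAMPLE_REGISTRY_TIMES = {
    "@example/query": {
        "5.0.6": "2025-06-01T09:00:00.000Z",
        "5.0.7": "2025-06-10T11:53:00.000Z",  # published seven minutes before NOW
    },
    "left-pad-ish": {"1.3.0": "2024-01-15T00:00:00.000Z"},
}

# Fixed clock so the example is deterministic; a real audit would use datetime.now(timezone.utc).
NOW = datetime(2025, 6, 10, 12, 0, tzinfo=timezone.utc)
# Minimum age a version must have before we trust it; three days is an assumed policy value.
MIN_AGE = timedelta(days=3)


def resolved_versions(lock_json: str) -> dict:
    """Map package name -> installed version from an npm v2/v3 lockfile."""
    packages = json.loads(lock_json)["packages"]
    out = {}
    for path, meta in packages.items():
        if not path.startswith("node_modules/"):
            continue  # "" is the root project, not a dependency
        # Nested installs look like node_modules/a/node_modules/b; keep the last package name,
        # which also preserves scoped names such as @example/query.
        name = path.rsplit("node_modules/", 1)[1]
        out[name] = meta["version"]
    return out


def parse_iso(ts: str) -> datetime:
    """Parse an ISO-8601 timestamp with a trailing Z into an aware datetime."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def too_young(name: str, version: str, registry_times: dict, now: datetime, min_age: timedelta) -> bool:
    """True if the version was published less than min_age ago, or if its publish time is unknown."""
    published = registry_times.get(name, {}).get(version)
    if published is None:
        return True  # no publish record at all is itself suspicious; fail closed
    return now - parse_iso(published) < min_age


def audit(lock_json: str, registry_times: dict, now: datetime = NOW, min_age: timedelta = MIN_AGE) -> list:
    """Return (name, version) pairs from the lockfile that fail the minimum-age check."""
    flagged = []
    for name, version in resolved_versions(lock_json).items():
        if too_young(name, version, registry_times, now, min_age):
            flagged.append((name, version))
    return flagged


if __name__ == "__main__":
    for name, version in audit(SAMPLE_LOCK, SAMPLE_REGISTRY_TIMES):
        print(f"REFUSE {name}@{version}: published less than {MIN_AGE} ago (or unknown)")
```

In the constructed data the only hit is @example/query 5.0.7, published seven minutes before the audit clock, which is exactly the kind of release a hijacker pushes and a CI job would otherwise install on the next caret-range resolution. Some package managers now expose this idea as a built-in setting (pnpm's minimumReleaseAge, for example); the script is the same policy for pipelines that do not have it, and running it in CI before `npm ci` turns a just-published compromise into a failed build rather than a credential leak.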

What Was Actually Taken — and What OpenAI Is Doing About It

The company says only "limited credential material" was taken from the affected repositories. But here's the part that required immediate action: some of those repositories contained code-signing certificates used to sign OpenAI's products. As a precaution, OpenAI is rotating those certificates, and that means macOS users will need to update their app to a build signed with the new certificate.

The company was clear that it found "no evidence of compromise or risk to existing software installations," but rotating the certificates is the right call regardless. You don't wait to see if something burns down before replacing the smoke detector.

The Bigger Pattern: Supply Chain Attacks Are Becoming a Playbook

This isn't an isolated incident. It's part of a pattern that's been building for months.

In March, North Korean hackers hijacked Axios, a widely used open source JavaScript HTTP library with millions of users, and pushed malware that could have infected developers worldwide. In May, Chinese hackers were accused of a similar attack targeting thousands of Windows computers running Daemon Tools, disc imaging software.

The group behind the TanStack attack hasn't been definitively identified. Some past attacks using these same tactics have been linked to a group called TeamPCP — which, in a strange twist, was itself reportedly hacked by other hackers. But other groups have used the same approach.

Why This Tactic Is So Effective

The reason supply chain attacks are so appealing to hackers is the economics of it. Instead of spending enormous effort targeting one company at a time, attackers compromise a single widely used tool and instantly gain potential access to every organization that relies on it. One hack, dozens of victims. The blast radius is massive, and the entry point is something developers actively trust and update regularly.

Think about it this way: developers are trained to keep their dependencies up to date. That habit, which is genuinely good security practice in most contexts, becomes the attack vector itself.