Why does this keep happening?

Scott and Wes break down the “Mini Shai-Hulud” supply chain attack that compromised TanStack and other popular npm packages through a clever GitHub Actions cache poisoning exploit: a self-propagating worm that stole credentials and persisted through Claude Code hooks and VS Code tasks. They also cover how developers can protect themselves using pnpm’s security defaults, dev containers, and other practical defenses. 🔥

Be the ~19,500th person to join our super tasty newsletter: https://bit.ly/syntax_snackpack

Welcome to Syntax!
Understanding the Shai-Hulud Worm
Mechanics of the Attack: GitHub Actions and Cache
Brought to you by Sentry.io
Propagation and Impact of the Worm
Preventative Measures for Developers
The Role of Package Managers in Security
Using Dev Containers
Conclusion and Final Thoughts

Shai-Hulud Breakdown From Wiz | https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
List of compromised packages | https://x.com/hetmehtaa/status/2054158511073116266
TanStack Postmortem | https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
Snyk TanStack Attack Breakdown | https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
Use Dev Containers | https://www.youtube.com/watch?v=kPMA9cnpScU
Scan your GitHub Actions for security issues | https://github.com/snyk-labs/github-actions-scanner

All links available at https://syntax.fm/1004

------------------------------------------------------------------------------

Hit us up on Socials!
Syntax: https://x.com/syntaxfm
Scott: https://x.com/stolinski
Wes: https://x.com/wesbos
CJ: https://x.com/CodingGarden
Randy: https://www.youtube.com/@randyrektor

http://www.syntax.fm

Brought to you by https://sentry.io/syntax

#npm #hack #webdevelopment #webdeveloper #javascript #typescript #tanstack #syntax #syntaxfm #webdev