OpenAI caught in TanStack npm supply chain chaos after employee devices compromised

Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines