Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
On May 11, 2026, attackers chained a pull_request_target abuse, cache poisoning, and OIDC token theft to publish 84 malicious @tanstack npm versions from TanStack's own trusted pipeline. It is the first npm compromise to carry valid SLSA provenance.
npm Trusted Publishing replaces long-lived publish tokens with short-lived OIDC-issued credentials tied to a specific CI workflow. Here is the 2026 rollout state, what the migration actually looks like, and where the rough edges still are.
On 11-12 May 2026, the TeamPCP-linked Mini Shai-Hulud worm published 84 malicious artifacts across 42 TanStack npm packages in six minutes, then spread to 160+ packages by abusing GitHub Actions OIDC tokens and CI cache poisoning.
Trusted Token Issuer support in IAM Identity Center lets workloads exchange OIDC tokens for AWS sessions without long-lived keys. Here is how that reshapes build pipeline trust.
How to manage CircleCI orb trust in 2026: certified versus uncertified orbs, version pinning, contexts, OIDC, and the controls that hold under real attacker pressure.
A 2026 hardening checklist for GitLab CI: ID tokens, protected branches, runner isolation, included templates, and the controls that actually shrink blast radius.
Trusted Publishing made PyPI safer, but leaked short-lived OIDC tokens in CI logs kicked off a credential-replay campaign that PyPI, GitHub, and Sonatype all tracked in 2025.
A pragmatic 2026 hardening checklist for GitHub Actions: OIDC, pinned actions, environment protection, reusable workflows, and the controls that actually move risk.
By end of 2025, Trusted Publishing landed on PyPI, RubyGems, npm, crates.io, and NuGet. PyPI alone crossed one million Trusted-Publisher uploads. Here is the defender view of the cross-ecosystem rollout.
Weekly insights on software supply chain security, delivered to your inbox.