New Delhi, May 14 -- OpenAI has said it found no evidence that user data was accessed following a security issue linked to a supply-chain attack involving the open-source TanStack npm library.

The company said in a security update published on its official website that the issue was part of a broader software supply-chain attack campaign known as "Mini Shai-Hulud", which targeted open-source developer ecosystems including npm and PyPI.

According to a postmortem published by TanStack on 11 May, attackers published 84 malicious versions across 42 @tanstack/* npm packages after exploiting weaknesses in GitHub Actions workflows and CI/CD cache systems.

Cybersecurity firm Snyk and security researchers cited in Tom's Hardware's reporting sai...