bleepingcomputer.com › news › security Shai Hulud attack ships signed malicious TanStack, Mistral npm packages … The stealer includes basic geofencing logic, specifically avoiding execution on hosts where Russian language settings are detected. … May 12, 2026 · Bill Toulas