{"@context":"https://neupai.io/schema/v0.2","@type":"StructuredNewsArticle","identity":{"article_id":"tech42_20260514_tanstack-supply-chain-attack-openai","canonical_url":"https://www.tech42.co.kr/%ed%83%a0%ec%8a%a4%ed%83%9d-%ec%98%a4%ed%94%88%ec%86%8c%ec%8a%a4-%ea%b3%b5%ea%b8%89%eb%a7%9d-%ea%b3%b5%ea%b2%a9-%ec%98%a4%ed%94%88ai%ea%b9%8c%ec%a7%80-%ed%94%bc%ed%95%b4-%ec%82%ac%ec%9a%a9/?utm_source=rss&utm_medium=rss&utm_campaign=%25ed%2583%25a0%25ec%258a%25a4%25ed%2583%259d-%25ec%2598%25a4%25ed%2594%2588%25ec%2586%258c%25ec%258a%25a4-%25ea%25b3%25b5%25ea%25b8%2589%25eb%25a7%259d-%25ea%25b3%25b5%25ea%25b2%25a9-%25ec%2598%25a4%25ed%2594%2588ai%25ea%25b9%258c%25ec%25a7%2580-%25ed%2594%25bc%25ed%2595%25b4-%25ec%2582%25ac%25ec%259a%25a9","ai_url":null,"publisher":{"name":"테크42","domain":"www.tech42.co.kr","type":"online"},"author":"버트","published_at":"2026-05-14T23:32:58.000Z","updated_at":null,"language":"ko","article_type":"straight_news","originality":"self_produced"},"content":{"headline":"탠스택 오픈소스 공급망 공격, 오픈AI까지 피해...\"사용자 데이터는 안전\" - 테크42","summary":"오픈소스 라이브러리 탠스택을 통한 공급망 공격으로 오픈AI 등이 피해를 입었으나 사용자 데이터는 안전한 것으로 확인됐다. 공격자는 6분 만에 42개 패키지에 84개의 악성 버전을 심었으며 160개 이상의 패키지로 피해가 확산됐다.","topics":["보안","사이버보안","오픈소스","소프트웨어","AI"],"geography":["KR"],"entities":[{"name":"오픈AI","canonical_id":"corp:us:openai","type":"company","role_in_article":"primary_subject","metadata":{"ticker":null,"parent":null}},{"name":"탠스택","canonical_id":"product:xx:kabka","type":"product","role_in_article":"mentioned","metadata":{"ticker":null,"parent":null}},{"name":"미스트럴 AI","canonical_id":"corp:fr:mistral-ai","type":"company","role_in_article":"mentioned","metadata":{"ticker":null,"parent":null}},{"name":"UI패스","canonical_id":"corp:us:uipath","type":"company","role_in_article":"mentioned","metadata":{"ticker":null,"parent":null}},{"name":"팀PCP","canonical_id":"org:xx:kpcp","type":"organization","role_in_article":"mentioned","metadata":{"ticker":null,"parent":null}}],"claims":[{"id":"c1","statement":"오픈AI 일부 직원 기기가 침해되고 내부 소스코드 일부가 탈취됐다","as_of":"2026-05","as_of_explicit":false,"as_of_raw":"2026년 5월","source_type":"company_disclosure","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c2","statement":"공격자는 5월 11일 단 6분 만에 42개 패키지에 걸쳐 84개의 악성 버전을 npm 저장소에 심었다","as_of":"2026-05-11","as_of_explicit":true,"as_of_raw":"5월 11일","source_type":"industry_estimate","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c3","statement":"공격자가 42개 패키지에 악성 버전을 심었다","as_of":"2026-05-11","as_of_explicit":true,"as_of_raw":"5월 11일","source_type":"industry_estimate","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c4","statement":"84개의 악성 버전을 npm 저장소에 심었다","as_of":"2026-05-11","as_of_explicit":true,"as_of_raw":"5월 11일","source_type":"industry_estimate","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c5","statement":"외부 연구자가 약 20분 만에 이를 포착해 신고했다","as_of":"2026-05-11","as_of_explicit":false,"as_of_raw":"약 20분 만에","source_type":"industry_estimate","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c6","statement":"피해가 npm·PyPI 생태계의 160개 이상 패키지로 번졌다","as_of":"2026-05","as_of_explicit":false,"as_of_raw":"2026년 5월","source_type":"industry_estimate","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null}],"ai_emotional_context":{"valence":0,"arousal":0,"primary_emotions":[],"secondary_emotions":[],"emotional_triggers":[]}},"provenance":{"source_chain":["primary_reporting"],"original_source_url":null,"related_articles":[]},"temporal":{"freshness":"recent","next_update_expected":null},"access":{"license":"neupai_standard","attribution_required":true,"structured_data":"free","full_text_available":false,"full_text_access":null}}