Home
Loading

aVenture is in Alpha: During this preview period, you should expect the research data to be limited and may not yet meet our exacting standards. We've made the decision to provide early access to our data to showcase the product as we build, but you should not yet rely upon it alone for your investment decisions.

aVenture is in Alpha: During this preview period, you should expect the research data to be limited and may not yet meet our exacting standards. We've made the decision to provide early access to our data to showcase the product as we build, but you should not yet rely upon it alone for your investment decisions.

Get in touch

  • Contact

  • Request a demo

  • Request data updates

  • Add a company

Research

  • Companies

  • Investors

  • People

aVenture

  • Sitemap

  • Feature requests

Member

Backed by

© aVenture Investment Company, 2026. All rights reserved.

San Francisco, CA, USA

Privacy Policy

aVenture Investment Company ("aVenture") is an independent research platform providing detailed analysis and data on startups, venture capital investments, and key industry individuals. It is not a registered investment adviser, broker-dealer, or investment advisor and does not provide investment advice or recommendations. The data provided by aVenture does not constitute recommendations or advice, whether by methodology, analysis, AI-generated content, or a statement written by a staff member of aVenture.

aVenture is not affiliated with any of the people, companies, organizations, government agencies, regulatory bodies, or investment funds we provide coverage for on this site unless explicitly stated otherwise. Users assume full responsibility for decisions made based on information obtained from this platform. Links to external websites do not imply endorsement or affiliation with aVenture. Any links that provide the ability to invest in a primary or secondary transaction in a company are for convenience only and do not constitute solicitations or offers to buy or sell an investment. Investors should exercise heightened precaution and due diligence when investing in private companies, especially those not independently audited.

While we strive to provide valuable insights with objectivity and professional diligence, we cannot guarantee the accuracy of the information provided on our platform. Before making any investment decisions, you should verify the accuracy of all pertinent details for your decision. To the fullest extent permitted by law, aVenture shall not be liable for any direct, indirect, incidental, consequential, or financial damages arising from use of this site, whether by consumers of its contents directly or by persons or organizations covered by our research, even if we are advised of the possibility. Our best-efforts processes and correction request forms do not create a warranty or duty of care.

Profiles on this platform may include content generated in part by large language models (LLMs, artificial intelligence) that aggregate publicly available sources (e.g., SEC EDGAR, public filings, press releases). Source attribution is provided where known; always verify statements and claims here against original sources before relying on any data. Content on our site may contain inaccuracies, omissions, or what are commonly called 'hallucinations' if generated in part or in full by AI / LLMs. The risk can also exist even when content is written by a human, as internal and third-party sources may also have inaccuracies for the same or different reasons. While we randomly audit a proportion of content, this is not exhaustive.

We recommend that an independent auditor be hired to verify the accuracy of the information before relying on it for any sensitive decisions. By accessing this platform, you agree not to rely solely on any information generated by AI, aggregated, or sourced or written otherwise on this site, for investment, financial, or other decisions. aVenture assumes no responsibility for inaccuracies, omissions, or hallucinations. You must independently verify all data from primary sources. Use of this platform constitutes your waiver of claims for reliance-based damages, including negligent misrepresentation. To report an error, request a correction, or dispute information about a company or individual, contact us via our request data updates form.

Loading
Loading
Home
News
Postmortem: TanStack npm supply-chain compromise

From TanStack Blog

By

May 11, 2026

Postmortem: TanStack npm supply-chain compromise

Postmortem: TanStack npm supply-chain compromise
On May 11 2026, an attacker chained a pull_request_target Pwn Request, GitHub Actions cache poisoning across the fork to base trust boundary, and OIDC token extraction from runner memory to publish 84 malicious versions across 42 @tanstack packages on npm. TanStack published a full postmortem detailing the attack vector and remediation steps.

View original article on tanstack.com

Most Recent

Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

The company just raised $7 million in seed funding, and is launching its app for iPhone and Android on Tuesday.

Jul 7, 2026

As AI agents become employees, NewCore emerges with $66M to give them identities

As AI agents become employees, NewCore emerges with $66M to give them identities

NewCore argues the next challenge in enterprise security will be managing AI agents, not people.

Jun 15, 2026

Cyera eyes $12B valuation at 80x ARR multiple despite operating losses

Cyera eyes $12B valuation at 80x ARR multiple despite operating losses

The cybersecurity company is nearing a $300 million round led by Evolution Equity Partners.

Jun 2, 2026

From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing

From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing

Ocean, an agentic email security platform, claims its AI can thoroughly analyze the context of every incoming email to detect fraud and impersonation attempts.

May 19, 2026

Similar Posts

Socket lands a fresh $40M to scan software for security flaws

Socket lands a fresh $40M to scan software for security flaws

The software supply chain, which comprises the components and processes used to develop software, has become precarious. According to one recent survey, 88% of companies believe poor software supply chain security presents an “enterprise-wide risk” to their organizations. Open source supply chain components are especially fraught, thanks to the logistical hurdles in keeping each component well-maintained. Security firm Synopsys found in its 2023 report that 89% of businesses’ codebases containe

Oct 22, 2024

Aim Security raises $10M for its GenAI security platform

Aim Security raises $10M for its GenAI security platform

Securing generative AI-based applications from prompting attacks, ensuring thatnthey don’t leak sensitive data or create malicious output or results that maynviolate privacy regulations is becoming a real business. We’ve already seen somenstartups in this space and today, Tel Aviv-based Aim Security is joining thenfray with a new GenAI security platform and […]

Jan 31, 2024

Axiado claims its chip can prevent cyberattacks

Axiado claims its chip can prevent cyberattacks

Cyberattacks are on the rise. In Q1 2024, organizations experienced an average of around 1,300 attacks per week. The cost of attacks is climbing, as well. Per Statista, cybercrime-related losses could surge to over $13 billion by 2028. Software is one way to combat these attacks. Hardware is another. Startup Axiado is a proponent of both, having built a business out of designing “security” chips and apps to leverage them. Founded in 2017, Axiado makes chips to secure devices ranging from data c

Dec 4, 2024

TanStack Removed 3rd Party Ads from TanStack.com

TanStack Removed 3rd Party Ads from TanStack.com

Cutting ad-tech and tracking overhead turned a pathological request graph into something sane again, and made the remaining first-party performance work finally obvious.

Mar 23, 2026

Most Recent

Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

The company just raised $7 million in seed funding, and is launching its app for iPhone and Android on Tuesday.

Jul 7, 2026

As AI agents become employees, NewCore emerges with $66M to give them identities

As AI agents become employees, NewCore emerges with $66M to give them identities

NewCore argues the next challenge in enterprise security will be managing AI agents, not people.

Jun 15, 2026

Cyera eyes $12B valuation at 80x ARR multiple despite operating losses

Cyera eyes $12B valuation at 80x ARR multiple despite operating losses

The cybersecurity company is nearing a $300 million round led by Evolution Equity Partners.

Jun 2, 2026

From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing

From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing

Ocean, an agentic email security platform, claims its AI can thoroughly analyze the context of every incoming email to detect fraud and impersonation attempts.

May 19, 2026

Similar Posts

Socket lands a fresh $40M to scan software for security flaws

Socket lands a fresh $40M to scan software for security flaws

The software supply chain, which comprises the components and processes used to develop software, has become precarious. According to one recent survey, 88% of companies believe poor software supply chain security presents an “enterprise-wide risk” to their organizations. Open source supply chain components are especially fraught, thanks to the logistical hurdles in keeping each component well-maintained. Security firm Synopsys found in its 2023 report that 89% of businesses’ codebases containe

Oct 22, 2024

Aim Security raises $10M for its GenAI security platform

Aim Security raises $10M for its GenAI security platform

Securing generative AI-based applications from prompting attacks, ensuring thatnthey don’t leak sensitive data or create malicious output or results that maynviolate privacy regulations is becoming a real business. We’ve already seen somenstartups in this space and today, Tel Aviv-based Aim Security is joining thenfray with a new GenAI security platform and […]

Jan 31, 2024

Axiado claims its chip can prevent cyberattacks

Axiado claims its chip can prevent cyberattacks

Cyberattacks are on the rise. In Q1 2024, organizations experienced an average of around 1,300 attacks per week. The cost of attacks is climbing, as well. Per Statista, cybercrime-related losses could surge to over $13 billion by 2028. Software is one way to combat these attacks. Hardware is another. Startup Axiado is a proponent of both, having built a business out of designing “security” chips and apps to leverage them. Founded in 2017, Axiado makes chips to secure devices ranging from data c

Dec 4, 2024

TanStack Removed 3rd Party Ads from TanStack.com

TanStack Removed 3rd Party Ads from TanStack.com

Cutting ad-tech and tracking overhead turned a pathological request graph into something sane again, and made the remaining first-party performance work finally obvious.

Mar 23, 2026