什么是 OIDC？

TanStack suffered an npm supply-chain compromise on May 11, 2026, where attackers published 84 malicious versions across 42 packages using GitHub Actions cache poisoning and OIDC token extraction without stealing npm tokens directly.

A large-scale supply chain attack hit the npm ecosystem, affecting over 160 packages including TanStack, Mistral AI, and UiPath; attackers used GitHub Actions vulnerabilities and OIDC tokens to publish malicious code under trusted identities.

微软开源包遭恶意代码感染，触发凭证窃取攻击，影响73个包，攻击者利用AI工具传播。

Vercel Blob now supports generating time-bound signed URLs, enabling direct browser uploads, downloads, inspections, or deletions of specific objects with high security and no exposure of long-lived storage tokens.

Vercel Blob now supports OIDC authentication and is the default setting when connecting new projects, enhancing security and integration flexibility.

NVIDIA OpenShell v0.0.41 introduces agent-driven policy management, CLI sandbox resource flags, and custom CA support for OIDC TLS.

Vercel CLI provides convenient deployment and environment variable management features to help developers quickly set up and validate projects.

OpenShell v0.0.43 release adds 6 security and feature improvements including bidirectional TTY streaming, OIDC auth, HTTPS/mTLS decoupling, TOML gateway config, ext4 disk boot for sandboxes, and DNS removal.