Grafana Labs security update: Latest on TanStack npm supply chain ransomware incident
Blog post from Grafana Labs
On May 16, 2026, Grafana Labs confirmed that a cybercrime group had gained unauthorized access to its GitHub repositories, downloaded its codebase, and issued a ransom demand under the threat of data disclosure. The incident, which originated from a TanStack npm supply chain attack, was detected on May 11, prompting immediate incident response actions, including rotation of GitHub workflow tokens and increased monitoring. Grafana Labs decided against paying the ransom, in line with the FBI's stance on such matters, notified federal law enforcement, and strengthened its GitHub security measures. The investigation has so far found no compromise of customer production systems or operations, and the incident was confined to the GitHub environment. Grafana Labs emphasizes transparency and trust, assuring users that the codebase remains unaltered and that no customer action is required. The company is focused on the ongoing investigation and on implementing stronger security controls to protect its CI/CD pipelines and prevent future incidents.