Grafana GitHub Breach Exposes Source Code via TanStack npm Attack

Grafana Labs disclosed that on May 11, 2026 it detected unauthorized access to its GitHub environment originating from the TanStack npm supply-chain compromise attributed to TeamPCP; the attackers accessed public and private source code and internal repositories containing operational details and business contacts, later issuing an extortion demand. Grafana rotated automation tokens, audited commits, enhanced monitoring and GitHub security, and reported no evidence that customer production systems or Grafana Cloud were compromised.