TanStack npm breach exposed Grafana GitHub code, repos

Grafana Labs said a TanStack npm supply-chain attack exposed its public and private GitHub source code and internal repositories; investigators found no evidence customer production systems or Grafana Cloud were affected.

Grafana Labs reported that a supply-chain attack tied to a compromised TanStack npm package gave attackers access to its GitHub environment. The company said the incident affected public and private source code and several internal repositories.

The activity was detected on May 11, 2026. Grafana said downloaded content included repositories teams use to collaborate and store internal operational information. The company noted business contact names and email addresses were among the files taken; those contacts were exchanged in a professional context and were not pulled from production systems or the Grafana Cloud platform.

Grafana attributed the access to the TanStack npm compromise orchestrated by the threat actor known as TeamPCP, a campaign that also targeted other AI firms. The firm reported it rotated a large number of GitHub workflow tokens after detecting the activity but that an overlooked token allowed attackers to gain repository access. “We performed analysis and quickly rotated a significant number of GitHub workflow tokens, but a missed token led to the attackers gaining access to our GitHub repositories,” Grafana wrote. A subsequent review, the company added, confirmed that a specific GitHub workflow originally thought unaffected had been compromised.

The company received an extortion demand on May 16 and chose not to pay, saying there was no guarantee stolen data would be deleted and that payment could encourage future campaigns. A data extortion group operating under the name CoinbaseCartel listed Grafana on a dark web site on May 15.

Since discovering the breach, Grafana said it has rotated the remaining automation tokens, implemented enhanced monitoring, audited commits for signs of malicious activity and strengthened its GitHub security posture. The firm restated that its investigation found no indication that customer production systems, Grafana Cloud operations or customer data were impacted.

Separately, GitHub said it is investigating unauthorized access to some of its internal repositories after TeamPCP posted listings for the platform’s source code and internal organizations for sale. Recent npm supply-chain attacks have involved injecting malicious code into widely used packages, a technique that can expose developer credentials or automation tokens and allow attackers to move from developer machines to corporate code hosts. Organizations affected by such incidents have examined token hygiene, restricted workflow permissions and increased monitoring of automated credentials used in continuous integration and deployment pipelines.
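As an added illustration of the workflow hardening described above (not Grafana's, TanStack's or GitHub's own configuration), the following GitHub Actions workflow applies the least-privilege and pinning settings a CI pipeline can use to limit what a compromised npm dependency can reach; the workflow, job and step names are assumed, and the commit SHAs are placeholders.

```yaml
# Added example, not from the article's subjects: a GitHub Actions workflow
# for an npm project with restricted token permissions and pinned actions.
name: build

on:
  pull_request:
  push:
    branches: [main]

# Default the automatic GITHUB_TOKEN to read-only for every job in the
# workflow; a job that genuinely needs to write (e.g. publishing) opts in.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      # Pin actions to a full commit SHA instead of a mutable tag so a
      # retagged or compromised upstream release cannot change what runs.
      - uses: actions/checkout@<full-commit-sha>  # placeholder: pinned SHA
        with:
          # Do not leave the job token in .git/config where later steps
          # (including package install scripts) could read it.
          persist-credentials: false

      - uses: actions/setup-node@<full-commit-sha>  # placeholder: pinned SHA
        with:
          node-version: 20

      # Install exactly what package-lock.json records and skip lifecycle
      # scripts, the usual place a malicious package version runs code.
      - run: npm ci --ignore-scripts

      # No long-lived secrets are exposed to the build job; steps that need
      # them belong in a separate job with its own minimal permissions.
      - run: npm test
```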
