Grafana confirmed that the unauthorized access to its GitHub repositories was caused by the TanStack supply chain attack, which followed the Mini Shai-Hulud campaign targeting NPM and PyPI projects. The company said its codebase and internal repository data were accessed, but production systems and Grafana Cloud were not affected, and no customer action is needed. #Grafana #TanStack #MiniShaiHulud
Key points
- Grafana traced the GitHub access to the TanStack supply chain attack.
- The attack was part of the Mini Shai-Hulud campaign against NPM and PyPI projects.
- Grafana rotated GitHub workflow tokens after detecting malicious activity on May 11.
- One token that had not been revoked allowed the threat actor to access Grafana repositories.
- No production systems or Grafana Cloud services were impacted, and no customer action is required.