Overview
Grafana Labs has confirmed that its GitHub environment was compromised through the ongoing TanStack npm supply chain attack, exposing both public and private source code repositories. The company says its investigation found no evidence of customer production systems or operations being affected — but the breach raises significant concerns about the expanding blast radius of the Mini Shai-Hulud worm campaign that has been targeting developer toolchains throughout May 2026.
The incident adds Grafana to a growing list of major software vendors compromised through the same supply chain attack vector, which has previously claimed Mistral AI, TanStack itself, OpenAI developer devices, and multiple other targets.
What Happened
Grafana Labs disclosed that an unauthorized party gained access to its GitHub environment — the company's source code hosting infrastructure. The breach is attributed to the TanStack npm supply chain attack, where malicious packages compromised developer machines, stealing GitHub tokens and enabling downstream repository access.
According to Grafana's investigation:
- Scope: Limited to the Grafana Labs GitHub environment
- Exposed content: Public and private source code repositories
- Customer impact: No evidence of customer production systems, databases, or infrastructure being compromised
- Operations: No disruption to hosted Grafana Cloud services
The company said the stolen GitHub access token — obtained via the TanStack supply chain attack on a developer's machine — provided the attacker with read access to Grafana's internal repositories before the token was rotated and access revoked.
Connection to Mini Shai-Hulud Campaign
The Grafana breach is part of the broader Mini Shai-Hulud worm campaign, which has been spreading through the npm ecosystem by compromising maintainer accounts and injecting malicious payloads into popular packages.
The attack chain typically follows this pattern:
Compromised npm package (TanStack or dependency)
→ Executes payload on developer's machine
→ Steals GitHub tokens, SSH keys, and cloud credentials
→ Token used to clone/access GitHub repositories
→ Stolen repos listed for sale or used for further attacks
Previous confirmed victims of the same campaign include:
- Mistral AI — source code repositories accessed and advertised for sale
- OpenAI — two employee devices affected, triggering macOS security update advisory
- Checkmarx — Jenkins AST plugin compromised
- Multiple SAP-related packages — credentials stolen via mini-shai-hulud attack
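Every later step of that chain starts with a compromised package landing in a project's lockfile, so the dependency manifest is the first thing a defender should check. The script below is an added example, not code from the article, Grafana Labs or TanStack. It reads a package-lock.json (lockfileVersion 2 or 3, which carry the `packages` map npm writes) and reports three things: packages under the `@tanstack/` scope the article names (an assumption that the affected packages are published under that scope; extend the list from vendor advisories as names are published), packages npm recorded as having an install-time lifecycle script (`hasInstallScript`), which is the hook a worm of this kind needs to run on a developer machine, and packages pinned without an `integrity` hash. The lockfile embedded here is constructed; its versions, URLs and hashes are placeholders. It generalizes the one-line lockfile grep in the Developer Security Guidance section further down.

```python
import json

# Scopes to inventory. The article names TanStack; the "@tanstack/" scope is an
# assumption about where those packages live on npm. Extend from advisories.
WATCHED_NAMESPACES = ("@tanstack/",)


def load_lockfile(path: str) -> dict:
    """Read a package-lock.json from disk."""
    with open(path, "r", encoding="utf-8") as fh:
        return json.load(fh)


def package_name(lock_path: str) -> str:
    """Map 'node_modules/a/node_modules/@scope/b' to '@scope/b' (last node_modules segment)."""
    return lock_path.rsplit("node_modules/", 1)[-1]


def audit_lockfile(lock: dict) -> dict:
    """Walk the lockfileVersion 2/3 'packages' map; return three lists of (name, version)."""
    report = {"watched": [], "install_scripts": [], "missing_integrity": []}
    for path, meta in lock.get("packages", {}).items():
        if path == "":  # the root project entry, not a dependency
            continue
        name = package_name(path)
        version = meta.get("version", "unknown")
        if name.startswith(WATCHED_NAMESPACES) or "tanstack" in name.lower():
            report["watched"].append((name, version))
        if meta.get("hasInstallScript"):  # npm sets this when the package has install hooks
            report["install_scripts"].append((name, version))
        # Workspace links have no tarball; anything else should carry an integrity hash.
        if not meta.get("link") and not meta.get("integrity"):
            report["missing_integrity"].append((name, version))
    return report


# Constructed lockfile fragment: package names, versions and hashes are placeholders.
SAMPLE_LOCK = {
    "name": "constructed-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "constructed-app", "dependencies": {"@tanstack/query-core": "*"}},
        "node_modules/@tanstack/query-core": {
            "version": "0.0.0-constructed",
            "resolved": "https://registry.npmjs.org/@tanstack/query-core/-/query-core-0.0.0-constructed.tgz",
            "integrity": "sha512-CONSTRUCTED-PLACEHOLDER",
        },
        "node_modules/example-native-addon": {
            "version": "1.2.3",
            "resolved": "https://registry.npmjs.org/example-native-addon/-/example-native-addon-1.2.3.tgz",
            "integrity": "sha512-CONSTRUCTED-PLACEHOLDER",
            "hasInstallScript": True,
        },
        "node_modules/pinned-without-hash": {"version": "2.0.0"},
    },
}


if __name__ == "__main__":
    for bucket, entries in audit_lockfile(SAMPLE_LOCK).items():
        print(bucket)
        for name, version in entries:
            print(f"  {name}@{version}")
```

A hit in the watched list is an inventory result, not proof of compromise; compare the version against the advisory before acting. `hasInstallScript` is also set for legitimate native addons, so that list is a review queue rather than a verdict, and a missing integrity field usually means the lockfile was edited by hand or generated by an old npm.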
Key Details
| Detail | Information |
|---|---|
| Victim | Grafana Labs |
| Attack Vector | TanStack npm supply chain / Mini Shai-Hulud worm |
| Compromised Asset | GitHub environment (source code) |
| Data Exposed | Public and private source code repositories |
| Customer Impact | None confirmed |
| Detection | Internal investigation |
| Response | Token rotated, access revoked, investigation ongoing |
Grafana's Statement
Grafana Labs stated that its investigation confirmed the breach was limited to the GitHub environment. The company emphasized:
- No customer data was accessed
- No production systems were reached
- No Grafana Cloud infrastructure was compromised
- The company is continuing forensic analysis
Why Source Code Breaches Matter
Even when "only" source code is exposed, the downstream risks are significant:
Hardcoded Secrets
Source code repositories frequently contain hardcoded API keys, database credentials, internal service tokens, and cryptographic keys checked in by developers — even in private repositories that teams believed were secure.
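To make the hardcoded-secrets risk concrete, here is a minimal secret scanner, added as an illustration and not code from the article or from Grafana Labs. It runs a few published token formats (GitHub `ghp_` and `github_pat_` prefixes, AWS access key IDs, PEM private-key headers) plus a generic `name = "value"` heuristic over a constructed sample file, skips obvious placeholders such as `${VAR}` or `<your token here>`, and redacts what it reports so the scanner output does not become a second copy of the secret. The sample file and every value in it are constructed.

```python
import re
from typing import NamedTuple


class Finding(NamedTuple):
    line_no: int
    kind: str
    preview: str


# Published token formats: GitHub classic PATs are "ghp_" + 36 chars, fine-grained PATs
# start with "github_pat_", AWS access key IDs are "AKIA" + 16 uppercase letters/digits.
SPECIFIC_PATTERNS = {
    "github_classic_token": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "github_fine_grained_token": re.compile(r"\bgithub_pat_[A-Za-z0-9_]{22,}\b"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----"),
}

# Heuristic: an identifier ending in password/secret/apikey/token assigned a quoted literal.
GENERIC_CREDENTIAL = re.compile(
    r"(?i)\b[\w.-]*(?:password|passwd|secret|api[_-]?key|token)\b\s*[:=]\s*['\"]([^'\"]{8,})['\"]"
)

# Values that are templated or dummy rather than real secrets.
PLACEHOLDER = re.compile(r"^(?:\$\{[^}]*\}|<[^>]*>|%[^%]*%|changeme|x{4,}|\.{3,})$", re.IGNORECASE)


def redact(value: str) -> str:
    """Show only a short prefix so a report is recognizable without leaking the value."""
    return value[:6] + "[redacted]"


def scan_text(text: str) -> list[Finding]:
    """Return one Finding per matched secret, in line order."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        hit_specific = False
        for kind, pattern in SPECIFIC_PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append(Finding(line_no, kind, redact(match.group(0))))
                hit_specific = True
        if hit_specific:
            continue  # a specific format already explains this line; skip the heuristic
        for match in GENERIC_CREDENTIAL.finditer(line):
            value = match.group(1)
            if PLACEHOLDER.match(value):
                continue
            findings.append(Finding(line_no, "generic_credential", redact(value)))
    return findings


# Constructed sample file; none of these values is real.
SAMPLE_SOURCE = """\
# constructed sample config file; every value below is made up
GITHUB_TOKEN = "ghp_0123456789abcdefghijklmnopqrstuvwxyz"
DB_PASSWORD = "${DB_PASSWORD}"
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
api_key = "sk-live-constructed-example-value"
-----BEGIN RSA PRIVATE KEY-----
token = "<your token here>"
"""


if __name__ == "__main__":
    for finding in scan_text(SAMPLE_SOURCE):
        print(f"line {finding.line_no}: {finding.kind} ({finding.preview})")
```

Run it over the output of `git ls-files` for a working tree, but remember that removing a secret from the current commit does not remove it from history: anything that was ever pushed to a repository an attacker cloned has to be rotated, not just deleted.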
Security Research by Adversaries
Threat actors with access to private source code can conduct offline security research to identify zero-day vulnerabilities without triggering any detection on the victim's infrastructure.
Intellectual Property Theft
Proprietary algorithms, product roadmaps, and unreleased features embedded in source code represent valuable intellectual property that can be monetized by adversaries.
Supply Chain Attack Amplification
If Grafana source code is weaponized — similar to how the Claude Code npm packaging error led to infostealer distribution in April 2026 — the Grafana monitoring ecosystem used by millions of organizations worldwide could become an attack vector.
Recommendations for Organizations Using Grafana
- Monitor Grafana for anomalous updates — particularly any unexpected patch releases in the near term
- Verify package integrity — check hashes on Grafana binaries and plugins against official release signatures
- Audit GitHub tokens — if your organization has Grafana Labs dependencies in its build pipelines, audit the GitHub tokens associated with them
- Subscribe to Grafana security advisories — to receive prompt notification of any downstream security issues discovered as a result of the breach
- Rotate secrets — if your organization's Grafana deployment uses API keys or tokens provisioned through Grafana Labs services, rotate them as a precaution
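For the "verify package integrity" item, here is an added example (not Grafana's tooling) of the check in Python: it parses a sha256sum-style checksum file (`<hex digest>  <filename>`, with the optional `*` binary-mode marker), hashes an artifact either from bytes or from disk in chunks so large tarballs are not read into memory at once, and compares with `hmac.compare_digest`. The artifact bytes, checksum lines and file names are constructed for the demonstration.

```python
import hashlib
import hmac

HEX_DIGITS = set("0123456789abcdef")


def parse_checksum_file(text: str) -> dict[str, str]:
    """Parse sha256sum-style lines ('<hex digest>  <filename>') into {filename: digest}.

    Blank lines, comments and anything that is not a 64-hex-char digest are ignored
    rather than trusted, so a malformed checksum file cannot make a file look verified.
    """
    expected = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        digest, name = parts[0].lower(), parts[1].strip().lstrip("*")
        if len(digest) != 64 or set(digest) - HEX_DIGITS:
            continue
        expected[name] = digest
    return expected


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sha256_file(path: str, chunk_size: int = 1 << 20) -> str:
    """Hash a file in 1 MiB chunks so a large release tarball stays cheap to verify."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def verify_artifact(name: str, data: bytes, expected: dict[str, str]) -> str:
    """Return 'ok', 'mismatch' or 'not-listed' for the artifact's bytes."""
    if name not in expected:
        return "not-listed"
    # compare_digest avoids timing differences; both sides are ASCII hex strings
    return "ok" if hmac.compare_digest(sha256_hex(data), expected[name]) else "mismatch"


# Constructed demo data: a stand-in "release tarball", a tampered copy, and a checksum
# file built from the good bytes (a real checksum file comes from the vendor's release).
GOOD_ARTIFACT = b"constructed release payload standing in for a Grafana tarball\n"
TAMPERED_ARTIFACT = GOOD_ARTIFACT + b"one appended line\n"
CHECKSUM_FILE = (
    f"{sha256_hex(GOOD_ARTIFACT)}  grafana-example.tar.gz\n"
    f"{sha256_hex(b'constructed plugin bytes')} *example-plugin.zip\n"
    "# comments and malformed lines are ignored\n"
    "not-a-digest  stray.bin\n"
)


if __name__ == "__main__":
    expected = parse_checksum_file(CHECKSUM_FILE)
    for label, blob in (("good", GOOD_ARTIFACT), ("tampered", TAMPERED_ARTIFACT)):
        print(label, verify_artifact("grafana-example.tar.gz", blob, expected))
```

A checksum file only proves that the bytes match what the checksum file says, so it has to come from an authenticated source; that is why the recommendation refers to release signatures. Verify the signature on the checksum file first, then run a check like this over the downloaded binaries and plugins.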
Developer Security Guidance
Given the TanStack npm vector, all developers should treat this as a reminder to audit their own environments:
```bash
# Check for TanStack packages in your project (--all includes transitive dependencies)
npm ls --all | grep -i tanstack
# Same check read straight from the lockfile (lockfileVersion 2/3 "packages" map)
cat package-lock.json | python3 -c "import sys,json; pkgs=json.load(sys.stdin)['packages']; [print(k) for k in pkgs if 'tanstack' in k.lower()]"
# Audit for recently modified npm packages (newest cache entries first)
ls -lt ~/.npm/_cacache/content-v2/ | head -20
# Check for suspicious GitHub tokens in environment and git config
env | grep -i github_token
cat ~/.gitconfig | grep -i token
```
Timeline
| Date | Event |
|---|---|
| Early May 2026 | TanStack npm supply chain attack begins circulating via Mini Shai-Hulud worm |
| May 14, 2026 | OpenAI confirms two employee devices affected; issues macOS update advisory |
| May 15, 2026 | TeamPCP advertises Mistral AI code repos for sale |
| May 17, 2026 | Grafana GitHub breach confirmed via stolen token |
| May 20, 2026 | Grafana Labs publicly discloses limited scope of breach |
Bottom Line
The Grafana breach underscores that the Mini Shai-Hulud / TanStack npm supply chain campaign has reached into the developer toolchains of some of the most prominent open-source infrastructure companies in the world. While Grafana's rapid detection and response limited the damage, the pattern of breaches reveals that any developer who installed affected npm packages may have unknowingly handed attackers their GitHub credentials.
Organizations dependent on Grafana for observability should maintain heightened vigilance for unexpected changes to Grafana releases, plugins, or documentation in the coming weeks.
Sources
- The Hacker News — Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
- Grafana Labs Security Blog