Grafana Confirms TanStack npm Supply Chain Attack Contained
Grafana Labs has published a comprehensive post-incident review confirming that the TanStack npm supply chain ransom attack, which struck the company in May 2026, was strictly contained to its GitHub environment.
An independent forensic investigation by Mandiant has formally closed the incident with no evidence of customer data compromise or code tampering.
The attack chain began on May 11 when threat actors linked to the “Mini Shai-Hulud” campaign executed malicious code on Grafana’s self-hosted GitHub Actions runners, successfully exfiltrating credentials.
Although Grafana’s security team rotated the affected credentials promptly, one credential was inadvertently missed during the rotation sweep, a gap the threat actors quickly weaponized.
Exploiting that overlooked credential, the attacker leveraged the compromised grafana-delivery-bot account to initiate large-scale data exfiltration of Grafana’s entire repository collection beginning May 14.
By May 15, the extortion demand had been published, and Grafana’s security team became aware of the ransom claim. The compromise was formally declared on May 16 at 17:39 UTC.
The threat actor demanded payment to prevent a public code leak. Despite maintaining private repositories for internal tools and proprietary Grafana Cloud features, the company declined to pay, consistent with FBI guidance on ransomware response.
Grafana moved swiftly, suspending all GitHub applications on May 17 and initiating a global code freeze on May 18.
The remediation effort was substantial. Grafana launched a cross-platform audit spanning Vault, GitHub, Okta, Kubernetes, AWS, GCP, and host logs, completing 1,500 security-focused pull request reviews and auditing 280 GitHub applications with permissions stripped.
Security teams scanned 1,200 repositories for signs of tampering and conducted 2,300 PR reviews within a single critical repository. Infrastructure audits were also completed, with legacy systems retired throughout the process.
To ensure independent validation, Grafana engaged Mandiant beginning June 1, providing API access to its full log environment for a thorough forensic review.
Mandiant concluded its investigation on June 18, confirming “no evidence of code tampering or repository poisoning within public organizations or production repositories delivered to end users.”
While the downloaded content included source code and internal operational data such as business contact names and email addresses from past marketing campaigns, Grafana confirmed that this information was not sourced from production systems, significantly limiting the blast radius.
With the investigation formally closed, Grafana outlined a series of structural security improvements already in progress.
The company is deploying a token broker for short-lived, fine-grained GitHub credentials and migrating away from certain GitHub Actions to tightly scoped alternatives that rely on short-lived tokens.
Additionally, Grafana is compartmentalizing its GitHub organizations and isolating all archived repositories into a dedicated organization with Actions fully disabled.
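The token-broker pattern described above can be illustrated with a small policy layer. The following is an added example, not Grafana's own broker: a CI job asks for a token naming the repositories and permissions it needs, the broker checks that request against a per-caller policy and then exchanges a short-lived GitHub App JWT for an installation access token limited to exactly that subset. The caller names, repository names and policy table are constructed placeholders; the endpoint, headers, claim limits and request body shape are GitHub's documented installation-token API.

```python
"""Minimal policy layer for a GitHub token broker (added example, not Grafana's code).

A broker sits between CI jobs and GitHub. Installation access tokens expire after
one hour on GitHub's side and can be restricted to named repositories and
permission levels, so a broker that enforces a per-caller policy replaces
long-lived, broadly scoped bot credentials of the kind that were exfiltrated.
"""
import json
import time
import urllib.request

# Permission levels GitHub accepts for installation tokens, ordered by privilege.
LEVELS = {"read": 1, "write": 2, "admin": 3}

# Constructed policy: caller identity -> allowed repos and max level per scope.
POLICY = {
    "ci/release-workflow": {
        "repositories": {"grafana", "loki"},          # placeholder repo names
        "permissions": {"contents": "read", "pull_requests": "write"},
    },
    "ci/docs-workflow": {
        "repositories": {"docs"},
        "permissions": {"contents": "read"},
    },
}


class PolicyViolation(Exception):
    pass


def authorize(caller, repos, permissions):
    """Return the JSON body for POST /app/installations/{id}/access_tokens,
    or raise PolicyViolation. The body is exactly what the caller asked for,
    provided policy allows it; nothing is silently widened or narrowed."""
    entry = POLICY.get(caller)
    if entry is None:
        raise PolicyViolation(f"unknown caller {caller!r}")
    if not repos or not permissions:
        raise PolicyViolation("request must name repositories and permissions")
    bad_repos = sorted(set(repos) - entry["repositories"])
    if bad_repos:
        raise PolicyViolation(f"{caller} may not access {bad_repos}")
    for scope, level in permissions.items():
        if level not in LEVELS:
            raise PolicyViolation(f"unknown permission level {level!r}")
        cap = entry["permissions"].get(scope)
        if cap is None or LEVELS[level] > LEVELS[cap]:
            raise PolicyViolation(f"{caller} may not hold {scope}:{level}")
    return {"repositories": sorted(set(repos)), "permissions": dict(permissions)}


def is_denied(caller, repos, permissions):
    """Convenience predicate: True when authorize() would refuse the request."""
    try:
        authorize(caller, repos, permissions)
    except PolicyViolation:
        return True
    return False


def app_jwt_claims(app_id, now=None):
    """Claims for the App JWT. GitHub rejects an exp more than 10 minutes after
    iat; iat is backdated 60 s so small clock skew does not invalidate it."""
    now = int(time.time()) if now is None else now
    return {"iat": now - 60, "exp": now + 9 * 60, "iss": app_id}


def mint_installation_token(app_jwt, installation_id, body):
    """Exchange the RS256-signed App JWT for an installation token limited to
    `body`. Signing the claims with the App's private key (e.g. with PyJWT)
    happens before this call and is outside this example. Network call."""
    req = urllib.request.Request(
        f"https://api.github.com/app/installations/{installation_id}/access_tokens",
        data=json.dumps(body).encode(),
        method="POST",
        headers={
            "Authorization": f"Bearer {app_jwt}",
            "Accept": "application/vnd.github+json",
            "X-GitHub-Api-Version": "2022-11-28",
            "Content-Type": "application/json",
        },
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)  # includes "token" and "expires_at"


if __name__ == "__main__":
    print(json.dumps(authorize("ci/release-workflow", ["grafana"], {"contents": "read"})))
    try:
        authorize("ci/docs-workflow", ["grafana"], {"contents": "write"})
    except PolicyViolation as e:
        print("denied:", e)
```

The broker never stores or forwards a long-lived credential: the only secret it holds is the App private key, and every token it issues is bounded by the policy table and by GitHub's one-hour expiry, so a token leaked from a runner is useless within the hour and never grants more than the requesting workflow was entitled to.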
The Grafana incident underscores a broader industry pattern where overlooked credentials during rotation sweeps become high-value pivot points for attackers.
The “Mini Shai-Hulud” campaign’s targeting of npm supply chains and CI/CD infrastructure signals an escalating focus on developer tooling as an attack surface, making fine-grained access control and short-lived token adoption critical priorities for any organization relying on GitHub Actions at scale.
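The single missed credential is the lesson of this incident, and the defensive control is a reconciliation pass that compares a credential inventory against the exposure window rather than trusting that a manual sweep caught everything. The following is an added example, not Grafana's tooling: the inventory, credential names and timestamps are constructed, and the exposure start is set to May 11, the date the page gives for the runner compromise. Credentials with no rotation record at all are reported as unrotated, since those are the ones a sweep most easily skips.

```python
"""Rotation-sweep reconciliation (added example, not Grafana's tooling).

Given an inventory of credentials with their last-rotation time and the set of
locations reachable from the compromised hosts, list every credential that was
reachable and has not been rotated since the exposure window opened.
"""
from datetime import datetime, timezone

# Constructed inventory; names, owners, locations and times are illustrative.
INVENTORY = [
    {"name": "github:delivery-bot", "owner": "release",
     "last_rotated": "2026-05-09T10:00:00Z", "locations": ["ci-runner-pool"]},
    {"name": "npm:publish-token", "owner": "release",
     "last_rotated": "2026-05-12T08:30:00Z", "locations": ["ci-runner-pool"]},
    {"name": "aws:artifact-uploader", "owner": "infra",
     "last_rotated": None, "locations": ["ci-runner-pool"]},
    {"name": "okta:api-key", "owner": "it",
     "last_rotated": "2026-05-01T00:00:00Z", "locations": ["laptop-fleet"]},
    {"name": "vault:ci-role", "owner": "infra",
     "last_rotated": "2026-05-11T23:59:00Z", "locations": ["ci-runner-pool", "vault"]},
]

EXPOSURE_START = "2026-05-11T00:00:00Z"       # date of the runner compromise
COMPROMISED_SCOPE = {"ci-runner-pool"}         # locations the attacker could read


def parse_ts(ts):
    """ISO-8601 with a trailing Z, as most secret managers export it."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00")).astimezone(timezone.utc)


def unrotated_since(inventory, exposure_start, scope=None):
    """Names of credentials that were reachable from `scope` (None = all
    locations) and whose last rotation is not strictly after exposure_start.
    A missing rotation record counts as unrotated."""
    start = parse_ts(exposure_start)
    gaps = []
    for cred in inventory:
        if scope is not None and not (set(cred.get("locations", [])) & scope):
            continue
        last = cred.get("last_rotated")
        if last is None or parse_ts(last) <= start:
            gaps.append(cred["name"])
    return sorted(gaps)


def gaps_by_owner(inventory, exposure_start, scope=None):
    """Same gaps, grouped by owning team so each rotation can be assigned."""
    names = set(unrotated_since(inventory, exposure_start, scope))
    grouped = {}
    for cred in inventory:
        if cred["name"] in names:
            grouped.setdefault(cred["owner"], []).append(cred["name"])
    return {owner: sorted(v) for owner, v in sorted(grouped.items())}


if __name__ == "__main__":
    for owner, names in gaps_by_owner(INVENTORY, EXPOSURE_START, COMPROMISED_SCOPE).items():
        print(f"{owner}: still unrotated -> {', '.join(names)}")
```

Run this as the exit criterion of the sweep, not as its starting checklist: the inventory should be regenerated from the secret managers and identity providers themselves (Vault, GitHub, Okta, the cloud accounts) so that a credential nobody remembered still appears, and the scope should include every location the compromised runners could read, not only the secrets the affected workflows were known to use. A credential rotated at the exact exposure timestamp is reported as a gap, which is the conservative reading: rotating it again costs little, while missing it cost Grafana its repositories.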