Grafana Labs confirms supply chain attack, customer systems not affected
In a post on the X platform, Grafana Labs confirmed on May 16th that it was among the victims of the TanStack npm supply chain attack. The attacker cloned repositories from the company's GitHub organization and then issued a ransom demand. The investigation found that the incident was confined to the GitHub environment: customer production systems, day-to-day operations, and the Grafana Cloud platform were not affected. The cloned data included source code and the names and email addresses of some internal business contacts, but the repositories themselves were not modified. Grafana Labs refused to pay the ransom, notified federal law enforcement, and strengthened its defenses, including the security of its CI/CD pipelines.