CRITICAL ⚡ MUST-KNOW
Grafana Codebase Stolen via TanStack Supply Chain Attack
Attackers accessed Grafana's GitHub repositories using a token that had been compromised in the earlier TanStack supply chain attack and was never rotated after that incident. Grafana confirmed that its codebase and other data were exfiltrated. The direct root cause is the failure to rotate a credential already known to be exposed. Any organization that may have been touched by the TanStack compromise should inventory every token and credential that existed at the time, check when each was last rotated, and rotate or revoke any whose current value predates the incident: an unrotated token from a prior supply chain incident is an open door.
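The audit recommended above, written out as an added example that is not part of the original item or of any Grafana or TanStack tooling: given an inventory of credentials with creation and rotation timestamps and the end of the exposure window, flag every credential whose current secret value already existed during the window (including ones rotated mid-window, which are still exposed) and separately flag those still used after the window closed, the pattern the Grafana incident illustrates. The inventory, its field names and the exposure date are constructed for illustration and are assumptions, not data from the incident.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional


def ts(s: str) -> datetime:
    """Parse an ISO-8601 UTC timestamp such as '2025-01-31T00:00:00Z'."""
    return datetime.fromisoformat(s.replace("Z", "+00:00")).astimezone(timezone.utc)


@dataclass
class Credential:
    """One entry of a credential inventory (field names are an assumption)."""
    name: str
    created_at: datetime
    rotated_at: Optional[datetime] = None     # None: never rotated since creation
    revoked: bool = False
    last_used_at: Optional[datetime] = None   # None: no usage record


def current_secret_since(cred: Credential) -> datetime:
    """When the secret value currently attached to this credential came into existence.

    Rotation replaces the value, so the current value is only as old as the
    last rotation; an unrotated token is as old as the token itself."""
    return cred.rotated_at or cred.created_at


def audit(inventory: list[Credential], exposure_end: datetime) -> dict[str, list[str]]:
    """Classify credentials against an exposure window that closed at exposure_end.

    rotate_now:           current value existed during the window, so it is exposed
    used_after_exposure:  subset of rotate_now that was also used after the window
                          (possibly by the attacker, as with the Grafana token)
    ok:                   revoked, or value created after the window closed
    """
    findings: dict[str, list[str]] = {"rotate_now": [], "used_after_exposure": [], "ok": []}
    for cred in inventory:
        if cred.revoked:
            findings["ok"].append(cred.name)
            continue
        if current_secret_since(cred) > exposure_end:
            # Minted after the window: the attacker never saw this value.
            findings["ok"].append(cred.name)
            continue
        # Rotated before or during the window, or never rotated: treat as compromised.
        findings["rotate_now"].append(cred.name)
        if cred.last_used_at is not None and cred.last_used_at > exposure_end:
            findings["used_after_exposure"].append(cred.name)
    return findings


# Constructed placeholder: the moment the exposure is known to have ended
# (for a supply-chain compromise, the removal of the malicious package).
EXPOSURE_END = ts("2025-01-31T00:00:00Z")

# Constructed inventory; none of these are real tokens or real dates.
INVENTORY = [
    Credential("ci-deploy-token", ts("2024-06-01T00:00:00Z"),
               last_used_at=ts("2025-03-02T12:00:00Z")),            # never rotated, still in use
    Credential("release-bot", ts("2024-06-01T00:00:00Z"),
               rotated_at=ts("2025-02-05T00:00:00Z")),              # rotated after the window
    Credential("legacy-readonly", ts("2023-01-01T00:00:00Z"),
               rotated_at=ts("2024-12-01T00:00:00Z"),
               last_used_at=ts("2025-01-10T00:00:00Z")),            # old value, not used since
    Credential("mid-window-rotated", ts("2024-03-01T00:00:00Z"),
               rotated_at=ts("2025-01-20T00:00:00Z")),              # rotated too early: still exposed
    Credential("old-deploy", ts("2022-01-01T00:00:00Z"), revoked=True),
    Credential("new-token", ts("2025-02-10T00:00:00Z")),           # minted after the window
]


if __name__ == "__main__":
    for bucket, names in audit(INVENTORY, EXPOSURE_END).items():
        print(f"{bucket}: {', '.join(names) or '-'}")
```

The check is deliberately conservative: a value rotated at any point before the exposure window closed is treated as compromised, because the attacker may have captured the new value just as easily as the old one. Revoked entries are reported as ok only in the sense that they need no further action; they should still be retained in the inventory for the forensic timeline.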