#TanStack
Grafana GitHub Breach: TanStack npm Supply Chain Attack Leads to Source Code Theft and Ransom Demand
Grafana Labs has confirmed a ransomware-linked breach of its GitHub environment traced to the TanStack npm supply chain compromise. Attackers exfiltrated internal source code repositories and issued a...
84 TanStack npm Packages Poisoned in Sophisticated Supply-Chain Attack Stealing Cloud and CI Credentials
Attackers compromised 84 npm artifacts across 42 TanStack packages — including react-router with 12M+ weekly downloads — injecting a credential-stealing payload via chained GitHub Actions abuse. Organizations that...