Grafana Breach Traced to TanStack npm Supply Chain Attack

Grafana revealed that the source code breach that exposed its GitHub repositories originated from a TanStack npm package poisoned by the TeamPCP threat actor.

New reports reveal that the Grafana source code breach did not originate from a standalone stolen GitHub access token: it began with a TanStack npm package weaponized by the threat group TeamPCP, the same actor that on the same day claimed a breach of approximately 4,000 of GitHub's own internal repositories.

The Full Grafana Attack Chain: From TanStack npm to Source Code Theft

The Grafana breach unfolded through a multi-stage supply chain attack. TeamPCP first weaponized a TanStack npm package; TanStack's libraries, such as TanStack Query (formerly React Query), are widely used in JavaScript and React development. When Grafana's CI/CD pipelines ran jobs that pulled in the affected dependency, the compromised package stole the GitHub workflow tokens available to those runs. A "missed token" left in the repository after initial detection provided continued access, allowing the attackers to download Grafana's GitHub repositories and their source code.

Beyond source code, Grafana confirmed attackers also obtained business contact names and email addresses used in professional contexts, plus internal operational details from repositories used for team collaboration. Grafana confirmed "no evidence of customer production systems or operations being compromised."

TeamPCP's Ransom Demand on May 16 and Grafana's Refusal to Pay

Grafana received ransom demands from TeamPCP on May 16, 2026, and explicitly refused to pay, citing the lack of any guarantee that stolen data would be deleted after payment. Grafana's public refusal is consistent with standard security guidance: a ransom payment provides no reliable assurance of data destruction and funds the same actor's continued operations.

Why the TanStack Compromise Raises Broader Supply Chain Exposure Questions

TanStack's prevalence across JavaScript development means Grafana may not be the only organization whose CI/CD pipelines ran the compromised package during the attack window. Any organization that ran the weaponized TanStack version in a GitHub Actions workflow whose token carried repository read or write access could have had that token stolen through the same mechanism, along with any other secrets the job exposed to the dependency. Whether a given pipeline was exposed depends on whether the compromised version was actually resolved and installed during the window, which is a lockfile question rather than a package.json question: a pinned lockfile may have held an earlier release throughout. The full downstream scope of the initial TanStack compromise has not been publicly established.

TeamPCP's Simultaneous GitHub Breach Claim and the Attack Pattern It Completes

The attribution of the Grafana breach to TeamPCP carries added weight because it came on the same day the group posted its claim of access to approximately 4,000 GitHub internal repositories. The confirmed Grafana incident demonstrates that TeamPCP has both the technique and the access chain to move from an npm supply chain compromise through GitHub workflow token theft into private repository contents, the same technical pathway that would be consistent with the claimed GitHub intrusion. The proven capability in one incident lends credibility to the still unconfirmed claim in the other.

TeamPCP's Concurrent Attacks on Grafana, TanStack npm, and GitHub Confirm a Coordinated Campaign

The Grafana breach update, the TanStack npm compromise, the GitHub internal repository claim, and the Nx Console VS Code extension attack disclosed across May 18–20, 2026, collectively form a pattern of simultaneous, targeted intrusions across developer toolchain infrastructure. TeamPCP's confirmed role in at least two of those incidents positions the group as running a coordinated campaign against the shared npm packages, GitHub access token chains, VS Code extensions, and internal repositories that development teams depend on across the industry.

For organizations that used TanStack in GitHub Actions workflows during the relevant window, the priority action is auditing workflow token exposure: which workflows installed the compromised version, what permissions their GITHUB_TOKEN carried, and which other secrets those jobs handed to the dependency. Rotate any token with repository write access that could have been captured. Note that the job-scoped GITHUB_TOKEN expires when its job ends, so the lasting risk comes from longer-lived credentials (personal access tokens, deploy keys, registry tokens) exposed to those jobs, and from anything the attacker did while a token was still valid; Grafana's "missed token" shows how one overlooked credential can extend access well past the initial cleanup.
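The two audit questions raised above (did a pipeline actually install the compromised version, and what could a hostile install step have reached from that job) can be answered from two artifacts every repository already has: its package-lock.json and its workflow YAML. The script below is an added example, not code from Grafana, TanStack or the reporting in this article. The package name `@tanstack/placeholder` and version `9.9.9` are hypothetical stand-ins for the real advisory identifiers, the sample lockfile and workflows are constructed, and it assumes the usual mechanism for this kind of package, an install-time lifecycle script running with the job's environment and checkout credentials.

```javascript
// Added example (not code from Grafana, TanStack or the reporting above): audit an npm
// lockfile and a GitHub Actions workflow for exposure to a token-stealing dependency.
// The package name and version in AFFECTED are HYPOTHETICAL placeholders; substitute
// the identifiers published in the advisory for the real incident.
const AFFECTED = {
  "@tanstack/placeholder": new Set(["9.9.9"]), // hypothetical, not a real release
};

// Lockfile check for package-lock.json v2/v3 ("packages" map; v1 nested "dependencies"
// trees are not handled). Reports every installed copy of an affected version, including
// copies nested under another dependency, which package.json alone never shows.
function findAffected(lock, affected = AFFECTED) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages ?? {})) {
    const idx = path.lastIndexOf("node_modules/");
    if (idx === -1) continue; // "" is the root project entry
    const name = path.slice(idx + "node_modules/".length);
    if (affected[name]?.has(meta.version)) hits.push({ path, name, version: meta.version });
  }
  return hits;
}

// Minimal line-based parser for every `permissions:` block (workflow- or job-level),
// covering flat scope maps and the read-all / write-all / {} shorthands.
function permissionBlocks(yaml) {
  const lines = yaml.split("\n");
  const blocks = [];
  lines.forEach((line, i) => {
    const m = line.match(/^(\s*)permissions:\s*(\S*)\s*$/);
    if (!m) return;
    const block = { line: i + 1, shorthand: m[2] || null, scopes: {} };
    for (let j = i + 1; !block.shorthand && j < lines.length; j++) {
      const s = lines[j].match(/^(\s+)([\w-]+):\s*(read|write|none)\s*$/);
      if (!s || s[1].length <= m[1].length) break;
      block.scopes[s[2]] = s[3];
    }
    blocks.push(block);
  });
  return blocks;
}

// What a hostile install script in this workflow could have reached: GITHUB_TOKEN write
// scopes, secrets handed to steps, and the checkout token that actions/checkout leaves
// in .git/config unless persist-credentials is set to false.
function assessTokenExposure(yaml) {
  const writeScopes = new Set();
  let declared = false, writeAll = false;
  for (const b of permissionBlocks(yaml)) {
    declared = true;
    if (b.shorthand === "write-all") writeAll = true;
    for (const [scope, level] of Object.entries(b.scopes)) if (level === "write") writeScopes.add(scope);
  }
  const secrets = new Set([...yaml.matchAll(/\$\{\{\s*secrets\.([\w-]+)\s*\}\}/g)].map(m => m[1]));
  secrets.delete("GITHUB_TOKEN"); // already accounted for through its scopes
  const findings = [];
  if (!declared) findings.push("no permissions block: token falls back to the repository default");
  if (writeAll) findings.push("permissions: write-all");
  if (writeScopes.size) findings.push(`write scopes: ${[...writeScopes].sort().join(", ")}`);
  if (secrets.size) findings.push(`secrets exposed to steps: ${[...secrets].sort().join(", ")}`);
  if (/\bnpm (ci|install)\b(?![^\n]*--ignore-scripts)/.test(yaml))
    findings.push("npm ci/install runs lifecycle scripts (no --ignore-scripts)");
  if (/uses:\s*actions\/checkout/.test(yaml) && !/persist-credentials:\s*false/.test(yaml))
    findings.push("actions/checkout persists the token in .git/config");
  return { findings, rotate: !declared || writeAll || writeScopes.size > 0 || secrets.size > 0 };
}

// Constructed sample inputs; not real Grafana artifacts.
const SAMPLE_LOCK = {
  packages: {
    "node_modules/@tanstack/placeholder": { version: "9.9.8" },
    "node_modules/some-ui-kit/node_modules/@tanstack/placeholder": { version: "9.9.9" },
  },
};
const WEAK_WORKFLOW = `on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: write
      packages: write
    env:
      NPM_TOKEN: \${{ secrets.NPM_TOKEN }}
    steps:
      - uses: actions/checkout@v4
      - run: npm ci
`;
const HARDENED_WORKFLOW = `on: [push]
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - run: npm ci --ignore-scripts
`;

console.log("affected copies:", findAffected(SAMPLE_LOCK));
console.log("weak workflow:", assessTokenExposure(WEAK_WORKFLOW));
console.log("hardened workflow:", assessTokenExposure(HARDENED_WORKFLOW));
```

Run it with `node audit.js` against a real lockfile and `.github/workflows/*.yml` by replacing the constructed inputs with `JSON.parse(fs.readFileSync(...))` and `fs.readFileSync(..., "utf8")`. The hardened workflow shows the three settings that shrink what a dependency can steal: a read-only top-level `permissions` block, `--ignore-scripts` so install hooks never run in CI, and `persist-credentials: false` so the checkout token is not left on disk for later steps to read. The nested lockfile copy is the case worth checking by hand, since a top-level pin to a safe version does not stop a transitive dependency from pulling the affected one.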
