Skip to main content

Tag: github workflow token

1 article

Blurred computer screen surrounded by development materials in a bright, neutral workspace.

Grafana Breach Exposed by TanStack Supply Chain Attack

Grafana Labs revealed that a supply chain attack led to an unauthorized download of its codebase, exposing a vulnerability that allowed attackers to gain access to its GitHub repositories through a missed workflow token. The breach was detected on May 11, with the company swiftly rotating tokens, but unfortunately, one was overlooked.

Analyst 207