GRAFANA Labs reported a data breach linked to the Mini Shai-Hulud attack, revealing that attackers compromised TanStack packages in its CI/CD environment on May 11, 2026. Unauthorized access allowed the download of Grafana's codebase and workflow tokens. Despite mitigation efforts, which included token rotation and enhanced security measures, some access was still gained to internal repositories, with no indication of customer production systems being affected.
The attack underscores the ongoing vulnerability of software supply chains, as it involved multiple platforms and demonstrated how malicious packages can bypass security filters.