Signal

GitHub and Grafana Labs breaches linked to TanStack supply chain attack via malicious VS Code extension


Published 2026-05-21 06:54 UTC · Updated 2026-05-21 14:45 UTC
Tags: supply_chain, breach, malware, incident_response
Overview

Recent breaches at GitHub and Grafana Labs have been traced back to a supply chain compromise involving the TanStack npm package.

Entities
GitHub, Grafana Labs, TanStack, Nx Console, Alexis Wales, TeamPCP
Score total: 1.37
Momentum 24h: 4
Posts: 4
Origins: 3
Source types: 1
Duplicate ratio: 0%
Why now
  • The breaches were recently disclosed, revealing active exploitation of popular developer tools.
  • The attack affects widely used software components impacting many organizations.
  • Understanding this incident helps improve defenses against similar supply chain compromises.
Why it matters
  • Highlights risks of supply chain attacks via developer tools and extensions.
  • Demonstrates how compromised credentials can lead to large-scale code repository breaches.
  • Shows the importance of securing CI/CD pipelines and verifying software dependencies.
LLM analysis
Topic mix: low · Promo risk: low · Source quality: high
Recurring claims
  • GitHub breach was caused by a malicious version of the Nx Console VS Code extension compromised in the TanStack npm supply chain attack
  • Grafana Labs breach stemmed from the TanStack supply chain attack
How sources frame it
  • Help Net Security: neutral
  • BleepingComputer: neutral
  • Infosecurity Magazine: neutral
All evidence
GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension
Infosecurity Magazine · infosecurity-magazine.com · 2026-05-21 14:45 UTC
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
Help Net Security · helpnetsecurity.com · 2026-05-21 13:42 UTC
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer · bleepingcomputer.com · 2026-05-21 06:54 UTC
Top publishers (this list)
  • Infosecurity Magazine (1)
  • Help Net Security (1)
  • BleepingComputer (1)
Top origin domains (this list)
  • infosecurity-magazine.com (1)
  • helpnetsecurity.com (1)
  • bleepingcomputer.com (1)