SECURITYBLEEPING COMPUTER
Grafana breach caused by missed token rotation after TanStack attack
The Grafana data breach occurred due to a missed token rotation after the TanStack npm supply-chain attack. A single GitHub workflow token was not rotated, leading to the breach. The incident highlights the importance of token rotation in preventing such attacks.