Grafana Labs warns of TanStack NPM ransomware threat

via HN: ransomware

Grafana Labs has issued a security advisory regarding a ransomware incident affecting the TanStack package in the NPM (Node Package Manager) supply chain. The incident highlights vulnerabilities in popular open-source repositories that developers rely on. The company has provided guidance on identifying compromised packages and recommended immediate updates for affected users. This supply chain attack underscores the importance of verifying package authenticity and monitoring dependencies in development workflows. Organizations using TanStack should review their systems and implement the suggested security patches promptly to prevent potential ransomware infections. Source: Grafana Labs Security Advisory.

Original reporting by HN: ransomware. We only summarise — never republish.
