Grafana GitHub breach stemmed from TanStack npm attack; missed token exposed repos, not customer production systems.