Tag: grafana
4 articles

Grafana Breach Exposed by TanStack Supply Chain Attack
Grafana Labs revealed that a supply chain attack led to an unauthorized download of its codebase, exposing a vulnerability that allowed attackers to gain access to its GitHub repositories through a missed workflow token. The breach was detected on May 11, with the company swiftly rotating tokens, but unfortunately, one was overlooked.

Grafana Breach Exposes Missed Security Step After TanStack Attack
A single misstep in Grafana's security protocol allowed attackers to gain access to its GitHub repositories, following a supply-chain incident involving malicious TanStack packages. A missed GitHub workflow token proved to be the key that enabled the breach.

Grafana GitHub Breach Exposes Source Code in TanStack npm Attack
Grafana Labs recently reported a security breach that exposed source code and internal data, but fortunately, there's no evidence that customer production systems were compromised. The breach, detected on May 11, was confined to the company's GitHub environment and involved both public and private source code and internal repositories.

Grafana Breach Exposes Codebase, Sparks Extortion Attempt
Grafana recently experienced a security breach, where an unauthorized party gained access to its GitHub environment, downloading its codebase, but fortunately, no customer data or personal info was compromised. The company swiftly responded, taking measures to prevent further unauthorized access and thwarting an attempted extortion by the attacker.