Grafana Labs has confirmed a targeted cyberattack in which a criminal group exploited a TanStack npm supply chain vulnerability. The breach, which occurred on May 11, allowed the attackers to access the company's GitHub repository and download both public and private source code, internal operational data, and some business contact emails. The attackers subsequently issued a ransom threat. Grafana Labs stated that the codebase was only downloaded, not altered, and that customer production systems and the Grafana Cloud platform remain unaffected. Binance founder CZ advised that any API keys in the code, even in private repositories, should be reviewed and replaced immediately.