Grafana: Investigation reveals that recent security incidents have not affected customer production systems and operations
By: rootdata|2026/05/20 08:43:44
0
Share
The open-source data visualization tool Grafana has released the latest progress on the investigation of the security incident on May 16. The investigation found that this incident was limited to the GitHub environment of Grafana Labs, including both public and private source code as well as internal GitHub repositories, and did not affect customer production systems, operations, or the Grafana Cloud platform. The downloaded content, in addition to the source code, also included some repositories used by the team for collaboration and storage of internal operational information and business details, involving business contact names and email addresses, rather than data from production systems or the cloud platform.
Grafana Labs has made it clear that the codebase was downloaded but not tampered with, and currently, customers and open-source users do not need to take any action. The incident originated from a TanStack npm supply chain attack conducted through the Mini Shai-Hulud campaign. Grafana Labs detected malicious activity on May 11 and initiated an emergency response, but a credential was overlooked, allowing the attacker to gain access. After receiving a ransom demand on May 16, the company decided not to pay the ransom and has rotated automated credentials, implemented enhanced monitoring, audited all commits since May 11, and significantly strengthened GitHub security configurations. The company has notified federal law enforcement, and the investigation is ongoing.
You may also like
Harvard and other institutions are liquidating their assets, and six core talents have left in a month. What is happening with Ethereum?
Vitalik's long-term vision is clear, but the realization of that vision requires stable coordination capabilities and continuous experience accumulation, both of which seem to be rapidly diminishing.
WEEX P2P now supports KES—Merchant Recruitment Now Open
To make crypto deposits easier, WEEX has officially launched its P2P trading platform and continues to expand fiat support. We're excited to announce that the Kenyan Shilling (KES) is now available on WEEX P2P!
Recovering cryptocurrency assets is a lucrative business that quietly makes a fortune
With the popularity of cryptocurrency wallets, cases of daily asset "disappearance" such as wrong chain deposits, mnemonic phrase errors, and exchange freezes are on the rise, and professional cryptocurrency asset recovery services are growing into a new market with a scale of hundreds of billions.
Gemini 3.5 is here! Tonight, Google personally eliminates Google
Chopping wood and Hassabis cleared out everything in one night! Gemini Omni generates videos from any input, 3.5 Flash crushes everything, and Spark works for you 24/7 in the cloud. This time, Google aims to bury both OpenAI and Anthropic together.
Duan Yongping establishes a position in a cryptocurrency company for the first time: Why Circle?
The stablecoin company represented by Circle is becoming the bridge that is easiest for traditional capital to understand and accept.
Vitalik: What is the key to the next phase of Ethereum?
"Code is law" — this is one of the earliest beliefs in the blockchain world. But what if the code itself has bugs? What if AI makes bugs ubiquitous? This is the question that Vitalik's latest long article attempts to answer.
Interlace: A global leader in Agentic Payment and stablecoin infrastructure platform, building the next generation of digital financial foundation
Interlace has launched two innovative products, Agent Card and Scan to Pay, bridging traditional finance and the crypto world, and comprehensively accelerating the integration of AI Agent consumption and stablecoin payments into everyday business scenarios with a more secure and efficient enterprise...
Morning Report | Musk's xAI launches Skills; Duan Yongping to first build position in Circle in Q1 2026; Polymarket partners with Nasdaq to launch prediction market
Overview of Important Market Events on May 19
WEEX P2P now supports COP—Merchant Recruitment Now Open
To make crypto deposits easier, WEEX has officially launched its P2P trading platform and continues to expand fiat support. We're excited to announce that the Colombian Peso (COP) is now available on WEEX P2P!
Dialogue with Lead Bank Founder Jackie: American Banks Re-embrace Crypto
Excellent crypto companies are not those that are "best at circumventing regulations," but those that are "best at evolving in collaboration with regulations."
Vitalik: What we need to do is not to fight against AI, but to create a sanctuary
What is truly scarce is not computing power, but people who are willing to think proactively and retain sovereignty.
Morning News | VanEck and Grayscale submitted BNB ETF amendments on the same day; BlackRock discusses investing billions of dollars in SpaceX's IPO; Michael Saylor releases Bitcoin Tracker information again
Overview of Important Market Events on May 17
Crypto ETF Weekly | Last week, the net outflow of Bitcoin spot ETFs in the United States was $995 million; the net outflow of Ethereum spot ETFs in the United States was $255 million
Avenir Group solidifies its position as the largest Bitcoin ETF institutional holder in Asia, ranking first in the region for eight consecutive seasons.
This Week's News Preview | The Federal Reserve Releases the Last FOMC Minutes of the "Powell Era"
Highlights of the week from May 18 to May 24.
Blockchain Capital Partner: Most people's understanding of on-chain economy is narrow
In the author's view, the most astonishing things in the blockchain space have yet to be created. Flash loans give us a glimpse, but this is just the tip of the iceberg.
The ambition of "one account trading global assets": How does CoinUp.io break down asset barriers to become an industry dark horse?
Create a diversified financial ecosystem through collaboration between CEX and public chains.
How long will it take for the GPU futures market when computing power is commoditized?
Will computing power be the next major commodity? Examining the GPU futures market from five dimensions: it is still too early to talk about an explosion; the real breakthrough variable lies within the wave of open-source models and inference demand.
Harvard University loses $150 million in cryptocurrency! Has completely liquidated Ethereum and significantly reduced its Bitcoin ETF positions
In just two quarters, Harvard's public holdings in crypto assets fell from a peak of $443 million to about $117 million.
Harvard and other institutions are liquidating their assets, and six core talents have left in a month. What is happening with Ethereum?
Vitalik's long-term vision is clear, but the realization of that vision requires stable coordination capabilities and continuous experience accumulation, both of which seem to be rapidly diminishing.
WEEX P2P now supports KES—Merchant Recruitment Now Open
To make crypto deposits easier, WEEX has officially launched its P2P trading platform and continues to expand fiat support. We're excited to announce that the Kenyan Shilling (KES) is now available on WEEX P2P!
Recovering cryptocurrency assets is a lucrative business that quietly makes a fortune
With the popularity of cryptocurrency wallets, cases of daily asset "disappearance" such as wrong chain deposits, mnemonic phrase errors, and exchange freezes are on the rise, and professional cryptocurrency asset recovery services are growing into a new market with a scale of hundreds of billions.
Gemini 3.5 is here! Tonight, Google personally eliminates Google
Chopping wood and Hassabis cleared out everything in one night! Gemini Omni generates videos from any input, 3.5 Flash crushes everything, and Spark works for you 24/7 in the cloud. This time, Google aims to bury both OpenAI and Anthropic together.
Duan Yongping establishes a position in a cryptocurrency company for the first time: Why Circle?
The stablecoin company represented by Circle is becoming the bridge that is easiest for traditional capital to understand and accept.
Vitalik: What is the key to the next phase of Ethereum?
"Code is law" — this is one of the earliest beliefs in the blockchain world. But what if the code itself has bugs? What if AI makes bugs ubiquitous? This is the question that Vitalik's latest long article attempts to answer.
Contents
Popular coins
Latest Crypto News
Read more
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
