MEDIUMVulnerability
Global

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

·Source: The Hacker News

Updated:

Executive Summary

Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its codebase. "Our investigation has determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations," Grafana said in a series of

Analysis

Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its codebase. "Our investigation has determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations," Grafana said in a series of
Source Attribution

Originally published by The Hacker News on May 17, 2026.

Related Threats

CRITICALVulnerability

Microsoft rejects critical Azure vulnerability report, no CVE issued

A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that "no product changes were made," despite the researcher documenting a silent fix. [...]

BleepingComputer
MEDIUMVulnerability

Another detail emerges about Instructure’s agreement with ShinyHunters; Debate continues about whether to pay

Media outlets have been understandably eager to learn whether Instructure paid ShinyHunters after the latter attacked them for a second time on May 7. Considering that they pledged to be more transparent, DataBreaches doesn’t fully understand why Instructure wasn’t more forthright about the payment issue in its update, unless they were trying to avoid encouraging... Source

DataBreaches.net
CRITICALVulnerability

NVD CRITICAL: CVE-2021-47952 — python jsonpickle 2.0.0 contains a remote code execution vulnerability that allo...

python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. Attackers can craft JSON strings with py/repr directives that invoke the eval function during deserialization to execute system commands and arbitrary code.

CVE-2021-47952
NIST NVD