惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
G
GRAHAM CLULEY
P
Privacy & Cybersecurity Law Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
宝玉的分享
宝玉的分享
P
Proofpoint News Feed
H
Help Net Security
V
Visual Studio Blog
阮一峰的网络日志
阮一峰的网络日志
C
Cisco Blogs
人人都是产品经理
人人都是产品经理
Know Your Adversary
Know Your Adversary
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Recorded Future
Recorded Future
I
Intezer
罗磊的独立博客
T
The Exploit Database - CXSecurity.com
Blog — PlanetScale
Blog — PlanetScale
Malwarebytes
Malwarebytes
Spread Privacy
Spread Privacy
T
Tor Project blog
V
Vulnerabilities – Threatpost
云风的 BLOG
云风的 BLOG
腾讯CDC
B
Blog RSS Feed
Stack Overflow Blog
Stack Overflow Blog
F
Future of Privacy Forum
MyScale Blog
MyScale Blog
Latest news
Latest news
IT之家
IT之家
MongoDB | Blog
MongoDB | Blog
The Hacker News
The Hacker News
S
Securelist
博客园 - 【当耐特】
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Threat Research - Cisco Blogs
Jina AI
Jina AI
Cisco Talos Blog
Cisco Talos Blog
B
Blog
博客园 - 三生石上(FineUI控件)
Last Week in AI
Last Week in AI
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
M
MIT News - Artificial intelligence
V
V2EX
D
Darknet – Hacking Tools, Hacker News & Cyber Security
The Cloudflare Blog
The GitHub Blog
The GitHub Blog
博客园 - 聂微东
F
Full Disclosure
C
CERT Recently Published Vulnerability Notes

Cybersecurity Dive - Latest News

CISA asks cybersecurity community to alert it to vulnerability exploitation 7-Eleven hit by data breach Microsoft disrupts cybercrime operation that hid behind legitimate software Compromised coding tool helped hackers breach thousands of GitHub repositories Telecom sector launches its own private ISAC Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN Grafana Labs says hacker gained access to codebase through leaked token How a government contest launched a revolution in AI-based bug hunting Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller MSPs need AI to fight AI-fueled cyberthreats: Guardz More money is going to physical security, but it’s often CISOs that oversee it: EY Frontier AI models reap rapid discovery of security vulnerabilities West Pharmaceutical starts restoring operations after ransomware attack Foxconn confirms cyberattack affecting some North American facilities OpenAI launches Daybreak to combat cyber threats Canvas owner reaches ‘agreement’ with threat actors after data breach Guardrail Technologies launches Traffic Light for Code & AI™; first security technology to verify & secure AI code and the people creating it Identity takes center stage as a leading factor in enterprise cyberattacks AI and an absent government: Takeaways from RSAC 2026 Second Canvas data breach causes major disruptions for schools, colleges AI used to develop working zero-day exploit, researchers warn New cybersecurity industry alliance aims to lead US critical infrastructure protection Identity is the new perimeter as rapid NHI proliferation threatens visibility and control Instructure confirms cybersecurity incident Anthropic’s Claude used in attempted compromise of Mexican water utility Businesses hide vast majority of ransomware attacks, report finds Palo Alto Networks warns state-linked cluster behind zero-day exploitation Businesses eager but unprepared for AI to transform their security strategies Iran-sponsored threat group behind false flag social engineering campaign NIST will test three major tech firms’ frontier AI models for cybersecurity risks Trellix investigating breach of source code repository CISA urges critical infrastructure firms to ‘fortify’ before it’s too late Critical vulnerability in cPanel leads to widespread exploitation New MOVEit vulnerabilities prompt urgent patch warning How OpenClaw’s agent skills become an attack surface White House questions tech industry on defensive AI use, cybersecurity resilience As email phishing evolves, malicious attachments decline and QR codes surge US and allies urge ‘careful adoption’ of AI agents PwC partners with Google Cloud to take on the managed security market US agencies promote zero-trust practices for operational technology networks CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog State CISOs losing confidence in ability to manage cyber risks ‘Fundamental tension’ undermines manufacturers’ cybersecurity North Korea-linked actor targets Web3 execs in social-engineering campaign Major critical infrastructure supplier reports cyberattack US, UK authorities warn that Firestarter backdoor malware survives patching When security becomes the attack surface: Why endpoint protection must evolve Hasbro expects March cyberattack to impact second-quarter revenue AI-written software creates hassles for wary security teams China disguises cyberattacks with ‘covert network’ botnets, US and allies warn Iran-nexus threat groups refine attacks against critical infrastructure Trump’s CISA director pick withdraws after tumultuous nomination Microsoft SharePoint vulnerability widely exposed across multiple countries Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says CISA urges security teams to view environments following axios compromise Big banks seek to ease security worries as AI push accelerates CISA confirms exploitation of 3 more Cisco networking device vulnerabilities Stellantis teams with Microsoft to strengthen digital capabilities Vulnerability exploitation surges often precede disclosure, offering possible early warnings Vercel systems targeted after third-party tool compromised Beyond IT: Cybersecurity is a strategic business risk TP-Link routers face exploitation attempt linked to high-severity flaw US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms CIOs fret over rising security concerns amid AI adoption CISA cancels prestigious summer internships, citing government shutdown NIST limits vulnerability analysis as CVE backlog swells FCC exempts Netgear from foreign router ban Medium-severity flaw in Microsoft SharePoint exploited Brute-force cyberattacks originating in Middle East surge in Q1 FCC signals continued commitment to Cyber Trust Mark program CISOs see gaps in their incident response playbooks US, Indonesia shut down ‘sophisticated’ phishing kit Stryker warns of earnings fallout from March cyberattack Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure Iran-linked hackers target water, energy in US, FBI and CISA warn CISA’s vulnerability scans, field support on chopping block in Trump budget React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface Threat cluster launches extortion campaign using social engineering
Grafana Labs links GitHub environment breach to TanStack npm supply chain attack
David Jones · 2026-05-21 · via Cybersecurity Dive - Latest News

An article from site logo

The company behind the widely used observability platform refused an extortion demand and has since taken steps to harden its security.

Published May 21, 2026

Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard

Getty Images

Grafana Labs on Tuesday said the breach of its GitHub environment earlier this month originated from the TanStack npm supply chain attack that was linked to the Mini Shai-Hulud compromise.

The company on Saturday said a threat group downloaded its codebase after gaining access to its GitHub environment using a leaked token. The hackers attempted to blackmail Grafana Labs, threatening to leak the codebase, but the company refused to submit to the demands. 

More than 7,000 customers, including Nvidia, Microsoft, Anthropic and others, use Grafana’s observability platform.

On Tuesday, Grafana confirmed that the codebase breach originated from a supply chain attack on TanStack, a popular open source framework used to build web applications, according to the update from Grafana CISO Joe McManus. A threat group tracked as Team PCP is linked to the Mini Shai-Hulud attack, which compromised hundreds of npm packages. TanStack earlier this month confirmed that an attacker published 84 malicious versions across 42 of its packages. 

Grafana said it originally detected malicious activity on May 11, and quickly rotated a “significant number” of GitHub workflow tokens as part of its initial response. One of the tokens was missed, however, and the hackers were able to use that to gain access to the company’s Github repositories. 

The hackers contacted Grafana on May 16, but the company refused the extortion demand, in part due to FBI guidance that a ransom payment would only encourage future attacks. 

Grafana said the attack’s impact was limited to its GitHub repositories, which includes some public and private source code, as well as internal GitHub repos. 

To bolster security, Grafana said it rotated automation tokens, audited all commits since the May 11 incident and hardened its GitHub defenses. 

Customer production systems and repos were not impacted in the attack. The company is taking additional steps to better secure its continuous integration and continuous deployment pipelines so it can prevent a similar attack.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。