Tag: Grafana


  • Grafana Breach Linked to Missed Token Rotation

    A recent Grafana breach was linked to a missed token rotation following the earlier TanStack supply-chain attack. Grafana confirmed that attackers regained access to internal systems because one compromised credential remained active after the original incident response process. The incident highlights the growing dangers surrounding token management and cloud credential security. Researchers warn that attackers…

  • Grafana admin spoofing flaw raises maximum severity alert

    The Grafana admin spoofing issue poses a serious threat to organizations using Grafana Enterprise. A newly disclosed flaw allows a malicious actor to create or treat a new user as an existing internal administrator. The vendor confirms the issue affects SCIM-provisioned configurations and urges prompt patching. Vulnerability details Grafana Labs revealed that a maximum severity…