1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Grafana says hackers hit its GitHub environment, demand ransom to

    From TechnologyDaily@1337:1/100 to All on Monday, May 18, 2026 14:15:24
    Grafana says hackers hit its GitHub environment, demand ransom to prevent codebase release but it's refusing to pay

    Date:
    Mon, 18 May 2026 13:05:00 +0000

    Description:
    CoinbaseCartel somehow obtained an access token and used it to steal files from the GitHub environment.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Grafana confirms its GitHub environment was accessed with a stolen token and its codebase exfiltrated Maintainers stressed no customer data or systems were impacted and security measures were reinforced A group called CoinbaseCartel claimed
    responsibility, linking the incident to broader ransomware activity Popular open source software platform Grafana has confirmed its GitHub environment
    was compromised and its codebase exfiltrated.

    In a breach notification, maintainers Grafana Labs explained that an unauthorized third party used a token to access its GitHub environment, where they were able to download the contents. While it didnt explain how the token was nabbed, Grafana said that the initial investigation determined that no customer data or personal information was accessed during this incident, and that there is no evidence that the breach impacted customer systems or operations. Latest Videos From You may like Be careful what you click - hackers use Claude Code leak to push malware Trellix confirms data breach after hack of 'a portion' of its source code Hackers can steal your GitHub tokens through OpenAIs Codex How to stay safe We immediately initiated forensic analysis and we believe weve identified the source of the credential leak, the maintainers further explained. To mitigate the risk, it rotated the credentials and introduced additional security measures, without detailing what they are.

    Grafana added that the attackers tried to extort the company, in exchange for deleting the stolen codebase, but stressed that it will take the FBIs advice and not engage with the threat actors.

    Their names were not mentioned in the announcement, but per The Hacker News , a collective called CoinbaseCartel claimed responsibility for the attack.

    This group is relatively unknown, since it first emerged in September 2025. Allegedly, it spun out of ShinyHunters, Scattered Spider, and the Lapsus$ groups - some of the most active and most dangerous ransomware players right now. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    In these past nine months, the group allegedly struck 170 organizations in different verticals, including technology, manufacturing, healthcare, transportation, and others.

    Grafana is an open-source observability and monitoring platform used to visualize metrics, logs, and system performance through dashboards. Grafana Labs, the company running and maintaining the platform, claims its tools are used by more than 35 million users worldwide, helping it generate more than $400 million in annual recurring revenue. The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/grafana-says-hackers-hit-its-github-env ironment-demand-ransom-to-prevent-codebase-release-but-its-refusing-to-pay


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)