> TritonInfoSec News
Home / May 19, 2026 / Story
0
#3 SecurityWeek general May 18, 2026 at 08:34 UTC

Grafana Confirms Breach After Hackers Claim They Stole Data

By Eduard Kovacs

AI Summary

Grafana confirmed a breach in which attackers used a stolen GitHub access token to download its entire source code repository. The attack has been linked to Coinbase Cartel, a cybercrime group associated with ShinyHunters, Scattered Spider, and Lapsus$. Grafana publicly stated it refused to pay the ransom, and the stolen token represents a textbook supply chain access vector targeting developer credentials.

Read full article → https://www.securityweek.com/grafana-confirms-brea…

Relevance score: 88.0/100

# More from May 19

  1. 1
    CISA Admin Leaked AWS GovCloud Keys on Github Krebs on Security
  2. 2
    Microsoft Exchange Zero-Day Under Attack, No Patch Available Dark Reading
  3. 4
    MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems The Hacker News
  4. 5
    Zero-Day Exploit Against Windows BitLocker Schneier on Security
  5. 6
    Exploitation of Critical NGINX Vulnerability Begins SecurityWeek
  6. 7
    Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026 BleepingComputer
  7. 8
    Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws The Hacker News
  8. 9
    Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware The Hacker News
  9. 10
    7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand SecurityWeek