TechFlow, on April 27, according to SlowMist security team's Chief Information Security Officer 23pds (@im23pds), the open-source data visualization tool Grafana may have been hacked. The attacker used Gato-X to steal secret signing keys and attacked multiple code repositories using application tokens.
It is reported that the attacker may have injected JavaScript code by crafting malicious branch names to steal sensitive information. Potential targets of the attacker include: generating high-privilege GitHub tokens via tibdex/github-app-token, manipulating the grafana/grafana repository (including code, branches, and release workflows), and implanting covert backdoors or tampering with future release packages.




