Grafana Labs Confirms Hackers Stole Source Code
Open source tool maker Grafana says hackers stole codebase via GitHub breach
Source code reveals how software works, helping security teams identify vulnerabilities, exposed secrets, and unsafe logic before attackers can exploit them.
Search across headline titles and summaries.
Background for this topic.
Source code is the human-readable text programmers write in a language such as Python, Java, or C before it is compiled or interpreted into a running program. It defines the program’s logic, data handling, and interactions with operating systems, networks, and other services. Source code may include application code, scripts, and configuration that controls software behavior.
In security, exposed or improperly protected repositories can disclose credentials, private keys, internal endpoints, or details that help attackers find exploitable flaws. Vulnerabilities may also enter through unsafe coding patterns, outdated dependencies, or malicious changes to code and build pipelines. Defenses include least-privilege repository access, secret scanning, peer review, static analysis, dependency and software-composition checks, and integrity controls for releases. Preserving commit history and build provenance helps investigators determine what changed and whether delivered software matches reviewed source.
Weekly headline count for the current query.
Open source tool maker Grafana says hackers stole codebase via GitHub breach
Security vendor Trellix has suffered a breach involving unauthorized access
F5 has admitted a nation state actor has stolen source code and information on undisclosed vulnerabilities
SecurityScorecard identified a new campaign in which the North Korean Lazarus group aims to steal source code, secrets and cryptocurrency wallet keys from developer environments
Hackers exploited AWS misconfigurations, leaking 2TB of sensitive data, including customer information, credentials and proprietary source code
An anonymous 4Chan user is claiming to have shared a trove of source code stolen from the New York Times
Threat group APT29 is using secrets stolen in an earlier attack to compromise Microsoft’s internal systems
Cloudflare revealed suspected nation-state attackers compromised its systems and accessed source code using credentials stolen in the Okta breach
An unauthorized party caused the intermittent redirection of customer websites
Reddit said there was “no indication” of a breach of the company’s primary production systems
Ransomware actors stole source code, company reveals
The hacker behind a tool used by Black Basta had access to the source code used by FIN7
Cyber-criminals could use the leaked source code to help launch attacks
Roughly 50% of all the apps analyzed were seen using the same AWS tokens found in other apps
Password management firm reveals incident in early August
Tech company confirms source codes for Galaxy devices among data snatched in cyber-attack