TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

50% Positive

Analyzed from 180 words in the discussion.

Trending Topics

#grafana#https#codebase#github#com#wonder#pay#don#dane#recently

Discussion (9 Comments)Read Original on HackerNews

dijksterhuisabout 2 hours ago
non-twitter link https://xcancel.com/grafana/status/2055827123236171827#m
sangeeth96about 1 hour ago
I wonder if this is related to the supply chain attack they talked about at GrafanaCon[1] or a fresh leak. If latter, wonder what they missed since it seemed like they got their detectors/scanners set up well. Curious to read the report on this.

[1] https://youtu.be/4D068lS85NY

ooriabout 2 hours ago
Quote: “ The attacker attempted to blackmail us, demanding payment to prevent the release of our codebase. ...we’ve determined the appropriate path forward is to not pay the ransom.”
deathanatosabout 1 hour ago
Don't pay the Dane-geld: https://en.wikipedia.org/wiki/Dane-geld_(poem)
iririririrabout 2 hours ago
aren't they just psql tho? well, i guess we will find out soon.
anotherhueabout 3 hours ago
Their whole repo had been made public !!!!

https://github.com/grafana/grafana

/s

jchwabout 2 hours ago
This is worse than the Linux kernel source code leaks of April 1st.
essephabout 1 hour ago
I think they mean grafana cloud.
fsckboyabout 2 hours ago
>We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase.

I don't much like the securityese dialect of bureaucratese, but doesn't it make more sense as "We recently discovered that a threat actor obtained a token with access to the Grafana Labs GitHub environment, enabling the unauthorized party to download our codebase" ?

you can't just drop in buzzwords willy nilly, they buzz better in the right places.