Grafana is a organization tracked across 19 threat clusters and 27 intelligence report mentions on ThreatCluster. First observed November 21, 2025; most recent activity July 15, 2026.
Grafana Labs has issued urgent security updates for version 12.4.2 to address two critical vulnerabilities that could allow attackers to achieve full remote code execution (RCE) and execute denial-of-service (DoS)…
A Remote Code Execution vulnerability (CVE-2026-31857) has been identified in Craft CMS versions prior to 5.9.9 and 4.17.4. The flaw exists in the BaseElementSelectConditionRule::getElementIds() method, which improperly…
GreyNoise Intelligence has released a report indicating that spikes in malicious activity often precede the disclosure of new vulnerabilities in edge devices. The study tracked 147.8 million sessions over 103 days,…
A critical vulnerability named GrafanaGhost has been identified in the Grafana observability platform, allowing attackers to exfiltrate sensitive data without user interaction or authentication. Discovered by Noma…
Miggo Security discovered two critical vulnerabilities in RabbitMQ, a widely used open-source message broker. The flaws, CVE-2026-57219 and CVE-2026-57221, were present since early 2024 and allow unauthenticated…
On May 20, 2026, GitHub confirmed a significant security breach involving a poisoned Visual Studio Code (VS Code) extension that compromised an employee's device. The attack, attributed to the TeamPCP hacking group,…
The Zeroday Cloud hacking competition in London awarded $320,000 to researchers for demonstrating 11 critical zero-day vulnerabilities in cloud infrastructure components. Hosted by Wiz Research in collaboration with…
Miggo Security has launched Miggo Pulse, a new platform designed to enhance cybersecurity by providing predictive exploit intelligence and closing the patch gap before vulnerabilities can be exploited. The platform…
Grafana Labs has issued critical patches for a severe vulnerability, CVE-2025-41115, affecting Grafana Enterprise versions 12.0.0 to 12.2.1. The flaw in the SCIM provisioning feature could enable attackers to escalate…
Grafana Labs has issued critical patches for a severe vulnerability (CVE-2025-41115) in its SCIM provisioning feature, which could enable attackers to escalate privileges or impersonate users. The flaw affects Grafana…