SecurityWeek

GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data

A vulnerability in how Grafana’s AI components process information could allow attackers to bypass the application’s safeguards and leak enterprise information, new research from Noma Security shows.
Bleeping Computer

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...