4 verified briefings on Source Code. Each story includes a plain-English summary, why it matters, and the concrete action engineering teams should take.
GitHub is investigating a claim by a threat actor group called TeamPCP. The group alleges it accessed GitHub's internal repositories and is attempting to sell the platform's source code on a cybercrime forum. GitHub has found no evidence that customer data has been impacted so far.
Grafana Labs confirmed a security breach limited to its GitHub environment, exposing public and private source code. The company stated that its investigation found no evidence of customer production systems being compromised. The incident was linked to a supply chain attack involving a TanStack npm package.
Grafana Labs has disclosed a security incident where attackers used a stolen GitHub access token to access its environment. The breach resulted in the unauthorized download of some of its source code. Grafana is investigating but states no customer data was compromised.
Grafana has disclosed a security incident where an unauthorized party gained access to its GitHub environment using a stolen token. The attacker was able to download the company's codebase. Grafana's investigation found no evidence that customer data or systems were affected by the breach.