SlowMist Technology Chief Information Security Officer 23pds posted on the X platform that the open-source data lake visualization tool Grafana was recently suspected to have been attacked. The attackers used Gato-X to steal confidential signatures and attacked multiple codebases with app tokens. This workflow has a potentially related application private key, and the suspected attacker used a well-crafted branch name to inject JavaScript code and steal confidential information.