福利中心

小红花-Learn & Explore-博客

小红花-Learn & Explore-快讯

币圈-币圈-未来事件

小红花-Learn & Explore-聊天室

小红花-Learn & Explore-直播

小红花-Learn & Explore-动态

币圈

芝麻金融-更多-ETH2.0挖矿

芝麻金融-更多-法币理财

芝麻金融-更多-抵押借币

链上赚币

芝麻金融-理财-双币宝

芝麻金融-理财-定期理财(屯币)

芝麻金融-理财-结构性理财

芝麻金融-理财-理财宝

芝麻金融-更多-财富管理

芝麻金融-理财-余币宝

量化基金

GT挖矿

芝麻金融-更多（理财产品）

芝麻金融-理财（打新）

launchpool

launchpad

赚币-HODLer Airdrop

candy_drop

web3 Airdrop

BTC挖矿

赚币

模拟交易

衍生品-期权

衍生品-交割合约

衍生品-永续合约

合约入门

合约活动

衍生品-统一账户

衍生品

交易-杠杆ETF

交易-杠杆交易

交易-闪兑

交易-现货交易

交易-创新交易

交易-交易工具

交易-交易类型

交易-合约跟单

交易-机器人广场

交易-盘前交易

Alpha

交易

行情

买币-gateCard

卖币

买币-快捷交易

买币

买币-paywith

法币定投

小红花-推广

新手指南

活动中心

小红花-Learn & Explore-学院

小红花-Exchange-最新公告

小红花-Exchange-帮助中心

gate商店

小红花-Promotions-邀请计划

小红花-promotions-代理商

储备金

vip服务

合作伙伴

小红花-Promotions-机构和VIP服务

Gate OTC

cextg小程序

机构-经纪商项目

web3

According to Gate.io News bot, as reported by Wu, 23pds, the Chief Information Security Officer of Slow Fog, disclosed on social media that the open source data visualization tool Grafana recently encountered a security incident. Attackers used the Gato-X tool to steal confidential signatures and launched attacks on multiple code repositories using App tokens. According to 23pds's description, the attackers successfully injected JavaScript code and obtained confidential information through carefully crafted branch names. The attack involved the private key of an application within a workflow.

GATO

Private Key

According to the Gate.io News bot, Wu Shuo reported that SlowMist's Chief Information Security Officer 23pds disclosed on social media that the Open Source data visualization tool Grafana recently encountered a security incident. Attackers used the Gato-X tool to steal confidential signatures and launched attacks on multiple code repositories using App tokens. According to 23pds's description, attackers successfully injected JavaScript code and obtained confidential information through carefully crafted branch names. This attack involved a Private Key of an application in a workflow.

Gate.io News bot消息，据吴说报道，慢雾首席信息安全官23pds在社交媒体上披露，开源数据可视化工具Grafana近期遭遇安全事件。攻击者通过Gato-X工具窃取机密签名，并利用App令牌对多个代码库发起攻击。根据23pds的描述，攻击者通过精心构造的分支名称，成功注入JavaScript代码并获取机密信息。该攻击涉及一个工作流程中的应用程序私钥。

Grafana遭遇安全事件：攻击者利用Gato-X窃取签名数据

Grafana Experiences Security Incident: Attackers Use Gato-X to Steal Signature Data