
Sign up to save your podcasts
Or


Today we are joined by Sasi Levi, Security Research Lead at Noma Security, sharing their team's work on "GrafanaGhost: The Phantom Stealing Your Data." Researchers at Noma Security disclosed “GrafanaGhost,” a vulnerability that could allow attackers to silently exfiltrate sensitive business data from Grafana dashboards using indirect prompt injection techniques.
The attack chains together multiple bypasses, including protocol-relative URLs and AI guardrail manipulation, to trick Grafana into sending sensitive data to attacker-controlled servers without requiring user interaction. Researchers say the flaw highlights growing risks tied to AI-integrated enterprise platforms, where attackers increasingly target AI behavior and weak security controls instead of traditional software bugs.
The research and executive brief can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices
By N2K Networks4.4
88 ratings
Today we are joined by Sasi Levi, Security Research Lead at Noma Security, sharing their team's work on "GrafanaGhost: The Phantom Stealing Your Data." Researchers at Noma Security disclosed “GrafanaGhost,” a vulnerability that could allow attackers to silently exfiltrate sensitive business data from Grafana dashboards using indirect prompt injection techniques.
The attack chains together multiple bypasses, including protocol-relative URLs and AI guardrail manipulation, to trick Grafana into sending sensitive data to attacker-controlled servers without requiring user interaction. Researchers say the flaw highlights growing risks tied to AI-integrated enterprise platforms, where attackers increasingly target AI behavior and weak security controls instead of traditional software bugs.
The research and executive brief can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices

375 Listeners

1,030 Listeners

207 Listeners

317 Listeners

421 Listeners

8,051 Listeners

178 Listeners

313 Listeners

192 Listeners

14 Listeners

145 Listeners

136 Listeners

33 Listeners

19 Listeners