Agents
GrafanaGhost: Zero-Click AI Prompt Injection Exfiltrates Enterprise Data from Grafana Observability Platform
Noma Security disclosed GrafanaGhost on April 7 — a prompt injection attack where adversarial instructions hidden on attacker-controlled web pages cause Grafana's AI capabilities to silently exfiltrate financial metrics, infrastructure telemetry, and customer records without credentials. Researchers bypassed guardrails using protocol-relative URLs for domain validation circumvention and the INTENT keyword to disable model safety. Grafana patched the core issue; no in-the-wild exploitation confirmed.
Source
↳ Follow the thread