
Ghosted by Grafana
From Research Saturday by N2K Networks
May 23, 2026 · 26 min · Season 10 · Episode 426
About this episode
The episode discusses a vulnerability in Grafana that allows attackers to exfiltrate sensitive data using indirect prompt injection techniques.
Today we are joined by Sasi Levi, Security Research Lead at Noma Security, sharing their team's work on "GrafanaGhost: The Phantom Stealing Your Data." Researchers at Noma Security disclosed “GrafanaGhost,” a vulnerability that could allow attackers to silently exfiltrate sensitive business data from Grafana dashboards using indirect prompt injection techniques. The attack chains together multiple bypasses, including protocol-relative URLs and AI guardrail manipulation, to trick Grafana into sending sensitive data to attacker-controlled servers without requiring user interaction. Researchers say the flaw highlights growing risks tied to AI-integrated enterprise platforms, where attackers increasingly target AI behavior and weak security controls instead of traditional software bugs. The research and executive brief can be found here: GrafanaGhost: The Phantom Stealing Your Data Learn more about your ad choices. Visit megaphone.fm/adchoices
People in this episode
Guest: Sasi Levi
Topics covered
- vulnerability
- data exfiltration
- AI security
- Grafana
- indirect prompt injection
- enterprise platforms
Keywords
- Grafana
- vulnerability
- data exfiltration
- AI
- security
- Noma Security
- GrafanaGhost
Mentioned in this episode
Organizations: Noma Security, Grafana
Books & works: GrafanaGhost: The Phantom Stealing Your Data
More episodes of Research Saturday
- The skills pay the bills. · May 30, 2026 · 24 min
- Scam papers served. · May 16, 2026 · 27 min
- The spy who logged me in. · May 9, 2026 · 24 min
- Double-edged threat. · May 2, 2026 · 31 min
- A QRazy clever scam. · April 25, 2026 · 19 min
- A new breed of RAT. · April 18, 2026 · 22 min
Explore listener stats, chart rankings, contacts and more on the Research Saturday podcast page.