New Blog: Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised
Edit Calendar Icon 19 May 2026
SafeDep Logo
npm

grafana-sentry-datasource

grafana-sentry-datasource is identified in the SafeDep analysis "Malicious npm Packages using Burp Collaborator for Dependency Confusion Attack". Multiple npm packages impersonating popular package names were published to the npm registry including by a Snyk researcher apparently targeting internal packages at Cursor AI.

discovered 2025-01-16

Threat types

ratpersistencedependency_confusiontyposquat

Malicious versions

  • 1.0.4

Campaigns

Techniques

Read the full analysis →