Cyber attackers exploit Grafana flaw, emphasizing urgent patching needs.
A coordinated cyberattack exploiting the known Grafana vulnerability CVE-2021-43798 has resurfaced, with an alarming spike in exploitation attempts observed on September 28, 2025. Attackers, primarily from Bangladesh, China, and Germany, targeted systems internationally, including several critical infrastructure points, using unpatched Grafana instances to carry out directory traversal attacks and disclose files. Although patches have been available since December 2021, many Grafana deployments remain vulnerable, exposing sensitive operational data and internal configurations.

In India, Grafana is increasingly used in critical infrastructure, particularly in sectors such as telecommunications, IT services, and government digital monitoring platforms, where it provides real-time infrastructure monitoring through dashboards integrated with Prometheus and Kubernetes environments.

This usage underlines the urgency for organizations to apply patches promptly and adopt a zero-trust security model to prevent further attacks. Security updates released in 2025 have addressed newer flaws, yet legacy vulnerabilities like CVE-2021-43798 continue to pose significant risks, which makes continuous monitoring and prompt remediation cybersecurity imperatives across India’s critical infrastructure landscape.