Trust Center

In response to the recently disclosed React Server Components vulnerability, CVE-2025-55182, Datadog security conducted an investigation and confirmed that we are not impacted. However, we suggest customers refer to our Research Feed and Security Labs blog post for guidance to assess potential exposure and take the suggested mitigations to secure their applications.

Since the Shai-Hulud worm campaign affecting NPM packages began in September 2025, we have been assessing our own environment for impact and have confirmed that Datadog has not been impacted by the initial iteration nor the most recent Shai-Hulud 2.0 worm campaign. We have implemented detections for the worm, and are continuously monitoring for infected packages and reviewing potential usage at Datadog. Independent of this campaign, Datadog also proactively monitors for exposure of customer Datadog credentials, such as API and Application keys, and notifies impacted customers.

We’re pleased to announce that summaries of the 2025 penetration tests for Datadog, Cloudcraft, and CoScreen (performed by NCC Group), as well as Metaplane (performed by Cobalt Group), are available on our security portal. These summaries are accompanied by Letters of Assessment.

We conducted an internal investigation and confirmed there is no direct impact to Datadog from the Salesloft Drift breach. Datadog has never installed or used any Salesloft integration, including Drift.

We are actively engaging with our vendors to assess any potential indirect impact through our supply chain.

This incident has been resolved and our investigation is complete.
We are now focusing on any action items to protect us from similar future events. In parallel, we are working on a post mortem about the incident which will be available upon request.
If you have any questions, please reach out to your Customer Success Manager or Account Executive.

We also identified a small number of customer API keys (used to send data to Datadog) in an exposed repository, and have contacted the affected customers directly advising them to disable and rotate these keys.

We are aware of the access by an unauthorized third party to a number of Datadog source code repositories. As part of our response, we identified the employee account that was compromised, secured access to the impacted repositories and verified that there was no access to our corporate network, customer environments or any datastore used to host our customer’s observability data.