Documents
- Do you perform threat modeling?
- Do you maintain an approved Password Policy?
- Does the audit function have independence from the lines of business?
- Do you maintain an approved Internal Audit Policy?
- Do you maintain an approved Risk Management Policy?
Risk Profile
We have secure, reliable hosting that customers can depend on. We are happy to provide details about our risk mitigation practices and recovery objectives upon request.
ISO 42001 Certification
We’re pleased to announce that Datadog has achieved ISO 42001 certification, the international standard for responsible development and use of AI management systems (AIMS).
For details on what this means for your organization and our ongoing commitment to trust and accountability, please see our blog post.
Datadog’s Response to the LiteLLM PyPI Package Compromise
We are aware of the recently disclosed malicious LiteLLM PyPI packages (versions 1.82.7 and 1.82.8) and have investigated Datadog’s potential exposure. We are also closely following the activity of this threat actor group and its potential impact on the supply chain of Datadog software.
Our exposure was limited to a build pipeline for a single internal project. We have contained the affected systems, and determined that the malicious activity was interrupted before any data exfiltration occurred. We have identified no impact to customer environments or customer data.
For clarity, while Datadog offers a LiteLLM monitoring integration package as part of the Datadog Agent integrations, the Datadog Agent does not bundle the compromised LiteLLM PyPI package as a dependency. The Datadog Agent and this integration are therefore not affected by this issue.
Datadog's Response to Unsafe Deserialization in dd-trace-java RMI Instrumentation (CVE-2026-33728)
In response to CVE-2026-33728, an unsafe deserialization vulnerability (CVSS 9.3) in dd-trace-java's RMI instrumentation that could allow remote code execution (RCE), Datadog has released a patched version, v1.60.3. This vulnerability affects com.datadoghq:dd-java-agent versions >= 0.40.0 and <= 1.60.2. The Datadog platform is not affected, and customer exposure depends on their network configuration and whether the conditions for exploitation are met. We have not found any signs of exploitation or known indicators of compromise.
Customers are encouraged to upgrade to v1.60.3 or later at their earliest opportunity.
Please refer to the advisory for details, conditions required for exploitability, and available mitigations.
Datadog's Response to the Trivy v0.69.4 Supply-Chain Attack
In response to the supply-chain attack disclosed on March 19, 2026 targeting Trivy v0.69.4, which involved a malicious binary and poisoned GitHub Actions releases, Datadog Security conducted an investigation and confirmed that we are not impacted. However, we suggest customers refer to our Research Feed for guidance to assess potential exposure and take the suggested mitigations.
Datadog's Response to hackerbot-claw
As an update to your 'hackerbot-claw' notification, we have drafted an engineering blog post for our public site that provides additional details on how Datadog identifies and blocks these attack patterns.
Please review our latest post: When an AI agent came knocking: Catching malicious contributions in Datadog’s open source repos
On February 27, 2026 at 06:27 UTC, we identified and blocked four malicious issues and pull requests targeting datadog-iac-scanner, a project we’ve recently made source-available, and that we use as part of our Infrastructure as Code (IaC) Security product.
What Happened?
A GitHub user identified as ‘hackerbot-claw’ used LLMs to open a number of malicious pull requests to various open source repositories, including several maintained by Datadog.
What did Datadog do?
We launched an investigation using our internally built system against these 4 pull requests and issues and were able to block them from merging into our repos.
We are drafting an engineering blog post for our public site in the coming days with additional details on how Datadog identifies and blocks these attack patterns. We will update this notification with a link to the engineering blog post. If you have any questions or concerns, please reach out via Support channels.
Thanks,
Datadog Security









