Security News

A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum. As first noticed by security researcher vx-underground, an alleged member of the Babuk group released the full source code for their ransomware on a popular Russian-speaking hacking forum.

The complete source code for the Paradise Ransomware has been released on a hacking forum allowing any would-be cyber criminal to develop their own customized ransomware operation. Security Joes researcher Tom Malka, who shared the source code with BleepingComputer, compiled the package and found it creates three executables - a ransomware configuration builder, the encryptor, and a decryptor.

Potential buyers could be interested in using the source code to game the game to make millions, perhaps sounding EA's death knell in the process. The news that games giant Electronic Arts was hacked and the source code and software development kits to many popular games like FIFA 21 and 22 as well as the source code to Frostbite, the games engine that powers many of popular titles such as Madden, Need for Speed and Battlefield, has spread like wildfire in the past 24 hours.

Hackers have breached computer game maker Electronic Arts and stolen source code and related tools for the company's extensive game library, the company has confirmed. EA said it's investigating "a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen," according to a statement published in numerous online reports.

California-based gaming giant Electronic Arts has confirmed that hackers gained access to some of its systems and managed to steal source code, but claimed that no user data was compromised. Posts published on various cybercrime forums in the past few days have claimed that EA had been breached and that 780 Gb of data has been stolen from the company, including source code and tools.

Hackers have breached the network of gaming giant Electronic Arts and claim to have stolen roughly 750 GB of data, including game source code and debug tools. EA confirmed the data breach in a statement sent to BleepingComputer saying that this "Was not a ransomware attack, that a limited amount of code and related tools were stolen, and we do not expect any impact to our games or our business."

As reported by BleepingComputer last month, popular code coverage tool Codecov had been a victim of a supply-chain attack that lasted for two months. During this two-month period, threat actors had modified the legitimate Codecov Bash Uploader tool to exfiltrate environment variables from Codecov customers' CI/CD environments.

Cybersecurity company Rapid7 on Thursday revealed that unidentified actors improperly managed to get hold of a small portion of its source code repositories in the aftermath of the software supply chain compromise targeting Codecov earlier this year. "A small subset of our source code repositories for internal tooling for our service was accessed by an unauthorized party outside of Rapid7," the Boston-based firm said in a disclosure.

US cybersecurity firm Rapid7 has disclosed that some source code repositories were accessed in a security incident linked to the supply-chain attack that recently impacted customers of the popular Codecov code coverage tool. Only internal credentials and tooling source code accessed.

Rapid7 says unauthorized third-party accessed source code, customer data during Codecov supply chain breach. Enterprise security vendor Rapid7 says it was among the victims of the Codecov software supply chain attack and warned Thursday that data for a subset of its customers was accessed in the breach.