Security News
Threat actors are auctioning the alleged source code for CD Projekt Red games, including Witcher 3, Thronebreaker, and Cyberpunk 2077, that they state were stolen in a ransomware attack. Yesterday, CD Projekt suffered a ransomware attack where the attackers claim to have stolen unencrypted source code for Cyberpunk 2077, Witcher 3, Gwent, and an unreleased version of Witcher 3.
Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the company's support ticket system and steal source code for Stormshield Network Security firewall software. StormShield is a French cybersecurity firm that develops UTM firewall devices, endpoint protection solutions, and secure file management solutions.
Multiple code repositories from Nissan North America became public this week after the company left an exposed Git server protected with default access credentials. The entire collection is around 20 gigabytes large and contains source code for mobile apps and various tools used by Nissan internally for diagnostics, client acquisition, market research, or NissanConnect services.
Microsoft on Thursday revealed that the threat actors behind the SolarWinds supply chain attack were able to gain access to a small number of internal accounts and escalate access inside its...
The threat actors behind the SolarWinds attack could breach internal Microsoft accounts to view the source code for Microsoft products. [...]
The source code for the widely-used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. Twelve days ago, a repository was created on GitHub that contains what appears to be the source code for Cobalt Strike 4.0.
GitHub's CEO has denied that the site's source code was posted to GitHub. News of the supposed leak and posting came from a site called Resynth that linked to a Wayback Machine snapshot of a GitHub repo that purported to be the work of GitHub CEO Nat Friedman and was labelled "This is GitHub.com and GitHub Enterprise."
The source code for the KPot information stealer was put up for auction, with the REvil ransomware operators apparently being the sole bidders, threat intelligence provider Cyjax reports. The KPot developers announced a couple of weeks ago that they were auctioning the malware's source code, with a starting price of $6,500.
The Federal Bureau of Investigation issued a flash alert warning of hackers stealing data from U.S. government agencies and enterprise organizations via internet-exposed and insecure SonarQube instances. Vulnerable SonarQube servers have been actively exploited by attackers since April 2020 to gain access to data source code repositories owned by both government and corporate entities, later exfiltrating it and leaking it publicly.
Microsoft's long-lived operating system Windows XP-that still powers over 1% of all laptops and desktop computers worldwide-has had its source code leaked online, allegedly, along with Windows Server 2003. The source code for Microsoft's 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan, and it's for the very first time when source code for Microsoft's operating system has been leaked to the public.