A group of security researchers took to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players. The vulnerability in the game engine propagates to products built with it. Multiple game titles built with Source are affected and require a patch to eliminate the risk to users. Counter Strike: Global Offensive (CS:GO) continues to affect the latest release of CS:GO. An attacker could leverage this RCE vulnerability to steal sensitive information like banking information.
Source: https://www.bleepingcomputer.com/news/security/cs-go-valve-source-games-vulnerable-to-hacking-using-steam-invites/