The FBI issues a warning of a successful intrusion into some US government agencies and private businesses by unnamed threat actors. Unidentified threat actors used SonarQube configuration vulnerabilities in their attacks. The FBI also published a list of possible mitigations to help protect entities using the open-source platform. This activity is similar to a previous data leak in July 2020, in which an identified cyber actor exfiltrated proprietary source code from enterprises through poorly secured SonarZube instances and published the exfilted source code on a self-hosted public repository.”]