Blog | G5 Cyber Security

Threat Actors Stole Source Code from SonarQube Instances of US Government Agencies, Says FBI

The FBI issues a warning of a successful intrusion into some US government agencies and private businesses by unnamed threat actors. Unidentified threat actors used SonarQube configuration vulnerabilities in their attacks. The FBI also published a list of possible mitigations to help protect entities using the open-source platform. This activity is similar to a previous data leak in July 2020, in which an identified cyber actor exfiltrated proprietary source code from enterprises through poorly secured SonarZube instances and published the exfilted source code on a self-hosted public repository.”]

Source: https://www.bitdefender.com/blog/hotforsecurity/threat-actors-stole-source-code-from-sonarqube-instances-of-us-government-agencies-says-fbi/

Exit mobile version