silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,165
Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure.
A public repository of leaked code includes big names like Microsoft, Adobe, Lenovo, AMD, Qualcomm, Motorola, Hisilicon (owned by Huawei), Mediatek, GE Appliances, Nintendo, Roblox, Disney, Johnson Controls; and the list keeps growing.
The leaks have been collected by Tillie Kottmann, a developer and reverse engineer, from various sources and from their own hunting for misconfigured devops tools that offer access to source code.
A large number of these leaks, which go by the name “exconfidential” or the more tongue-in-cheek label “Confidential & Proprietary,” are available in a public repository on GitLab
According to Bank Security, a researcher focused on banking threats and fraud, code from more than 50 companies is published in the repository. Not all folders are populated, though, but the researcher says that credentials are present in some cases. [...]