A public repository on GitLab found leaking source code owned by dozens of high-profile companies


A public repository on GitLab found leaking source code owned by dozens of high-profile companies like Microsoft, Adobe, Lenovo, AMD, Qualcomm, etc

As reported by Bleeping Computer, A public repository on GitLab is found with the exposed source code of high profile companies from various fields like tech, finance, retail, food, eCommerce, and manufacturing. The repository has leaked code of companies with big-name like Microsoft, Adobe, Lenovo, AMD, Qualcomm, Motorola, Hisilicon (owned by Huawei), Mediatek, GE Appliances, Nintendo, Roblox, Disney, Johnson Controls, and many more are being added.

Till Kottmann, Android developer, and tinkerer, also a reverse engineer has collected the leaked data of these companies, which are formed and dubbed as “exconfidential” or “Confidential & Proprietary,” are available in a public repository on GitLab.

The developer also said Bleeping Computer that the code they find are from easy to access-code and contain hardcoded credentials, which they try to minimize the direct effect to the company. “I try to do my best to prevent any major things resulting directly from my releases,” Kottmann

The developer further added that they do not inform all the affected companies about the leak, but try to minimize the leak for avoiding it to become a larger leak. He also mentioned that if the affected company says to remove its content then he does that with no time.

Although source code from dozens of firms has been leaked, Kottmann believes thousands of companies may have exposed proprietary code, primarily due to a failure to secure SonarQube installations.

Some businesses that take notice of their code becoming public don’t bother to remove it. In at least one instance, several developers at one company just wanted to know how Kottmann got the code and did not ask to take it down, wishing “a lot of fun.”

According to Bleeping Computer, In a Telegram channel, the developer offers details about leaks from others, including the Nintendo leak dubbed Gigaleak containing source code, development repos (lots of graphic prototypes) of multiple classic games (Super Mario World, a canceled Zelda 2 remake, Super Mario 64, The Legend of Zelda: Ocarina of Time).

For more news on tech and cybersecurity stay tuned on Android Rookies by subscribing to our newsletter from here.


About Author

Be Ready for the challenge

Notify of
Inline Feedbacks
View all comments