Techly NewsGet the app

Get the latest tech news

Mercedes-Benz accidentally shared its source code and business secrets with the whole world | A perplexing human error put the German carmaker's IT security at risk


UK-based security company RedHunt Labs recently discovered an authentication token belonging to a Mercedes-Benz employee. The token was hosted in a public GitHub repository, as stated by...

The token was hosted in a public GitHub repository, as stated by RedHunt co-founder Shubham Mittal, and it could have been exploited to gain "unrestricted access" to business secrets and other crucial authentication credentials of the German automotive giant. The GitHub token provided "unrestricted" and "unmonitored" access to a large amount of Mercedes-Benz intellectual property files, including blueprints, design documents, and other "critical" internal information. Worse still, Mittal confirmed (with evidence) that the insecure repositories exposed keys for Microsoft Azure and Amazon Web Services (AWS) servers, a Postgres database, and even the source code for Mercedes-Benz software.

Get the Android app

Or read this on r/technology

Read more on:

Photo of World

World

Photo of Security

Security

Photo of risk

risk

Related news:

News photo

Why the world’s biggest EV maker is getting into shipping

News photo

WaveAerospace has announced "the world's fastest multirotor UAS," a "new class of aircraft" | A quadcopter drone with a 300+ mph jet turbine in the middle, capable of all-weather operation.

News photo

German Police Secure $2 Billion In Bitcoin From Pirate Site Operators

« Silent Hill: The Short Message is free first-person horror and out today