A threat actor claims to have maintained undetected access to Airbus SE’s DevOps environment for over two months and is attempting to sell files exfiltrated from an Airbus JFrog Artifactory instance. Available file listings reportedly include software build artifacts, dependencies, source code assemblies, checksum files, and development modules tied to Airbus Helicopters and internal projects such as elogcard, ged, hcommunity, keycopterneo, and newsroom. #Airbus #JFrogArtifactory #AirbusHelicopters #elogcard #keycopterneo
Keypoints
- A threat actor claims undetected access to Airbus SE’s DevOps environment for over two months.
- The actor is attempting to sell exfiltrated files from an Airbus JFrog Artifactory instance.
- Exposed data reportedly includes software build artifacts, dependencies, and internal source code assemblies.
- File types listed include .jar and .war archives, .pom build files, and checksum files (.md5, .sha1, .sha256).
- Some development artifacts are explicitly tied to Airbus Helicopters and projects like elogcard, ged, hcommunity, keycopterneo, and newsroom.
Read More: https://dailydarkweb.net/airbus-se-devops-environment-data-breach/