Airbus SE, a European aerospace corporation known for designing and manufacturing commercial aircraft, helicopters, and defence equipment, has allegedly been compromised by a threat actor. The actor claims to have maintained undetected access to the company’s DevOps environment for over two months and is currently attempting to sell exfiltrated files from an Airbus JFrog Artifactory instance.
According to the extensive file tree provided by the actor, the allegedly compromised data includes various software development build artifacts, dependencies, and internal source code assemblies. The exposed directory structure includes:
- Java application archive files (
.jarand.warfiles). - Project Object Model (
.pom) build configuration files. - Cryptographic hash and checksum files (
.md5,.sha1, and.sha256). - Source code assembly binaries and ZIP archives.
- Development artifacts and modules explicitly tied to Airbus Helicopters, including internal projects named
elogcard,ged,hcommunity,keycopterneo, andnewsroom.
Daily Dark WebRead More
R1
T1
