"French Rugby Club Leaks Source Code"
The professional rugby union club Stade Francais exposed its followers to security risks for almost a year after its website's source code leaked. Stade Francais is a Paris-based rugby union club with hundreds of thousands of devoted social media fans. Researchers at Cybernews found that the server hosting the official Stade Francais website was leaking its source code via the publicly accessible .git directory. Poor access control to .git directories potentially allowed threat actors to make unauthorized changes to the club's server. If the threat actors had exploited the vulnerability, user data may have been compromised, and the server could have been taken over. Unauthorized access to the website's .git directory made it possible for anyone to download the application's source code. It raises concerns because threat actors could have used this access to trick unsuspecting users into installing malicious applications. Threat actors could have also used the access to add skimmers that allow payment card stealers on the website's online store. This article continues to discuss the leak of the Stade Français website's source code.