Cybercrime group claims to have breached Red Hat's private GitHub repositories
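The cybercrime group Crimson Collective claims to have breached Red Hat's private GitHub repositories and stolen 570GB of data, including 28,000 projects and 800 Customer Engagement Reports (CERs) containing sensitive network information. Red Hat confirmed the data breach and took remediation steps, but stressed that the incident does not affect the security of its other services or products. 2025-10-2 10:37:5 Author: securityaffairs.com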

The cybercrime group calling itself the Crimson Collective claimed to have compromised Red Hat's private GitHub repositories.

The Crimson Collective claimed it had stolen 570GB from Red Hat's private GitHub repositories, including 28,000 projects and approximately 800 Customer Engagement Reports (CERs) with sensitive network data. CERs often contain sensitive info, including infrastructure details, configurations, and tokens that attackers could exploit to target customers' networks.

The U.S.-based multinational software company confirmed the data breach, but did not verify the Crimson Collective's claims.

On September 24, 2025, the threat actors shared on a Telegram channel a full file tree, CER list, and screenshots as proof of the security breach.

“Btw gained access to some of their client’s infrastructure as well, already warned them but yeah they preferred ignoring us,” the Crimson Collective wrote on Telegram.

The file tree includes thousands of repositories referencing major banks, telecoms, airlines, and public-sector organizations, such as Citi, Verizon, Siemens, Bosch, JPMC, HSBC, Merrick Bank, Telstra, Telefonica, and even mentions the U.S. Senate.

‼️🚨 Red Hat breached: Crimson Collective stole 28k private repositories, including credentials, CI/CD secrets, pipeline configs, VPN profiles, and infrastructure blueprints.

Our analysis of obtained data: 👇 pic.twitter.com/ECMYLlHqyj

— International Cyber Digest (@IntCyberDigest) October 1, 2025

The threat actor also shared evidence of their attempt to contact Red Hat.

Red Hat said protecting systems and data is a top priority, adding the incident doesn’t affect its other services or products, and its supply chain remains secure.

“Red Hat is aware of reports regarding a security incident related to our consulting business and we have initiated necessary remediation steps,” Red Hat told BleepingComputer.

“The security and integrity of our systems and the data entrusted to us are our highest priority. At this time, we have no reason to believe the security issue impacts any of our other Red Hat services or products and are highly confident in the integrity of our software supply chain.”

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)




Article source: https://securityaffairs.com/182866/data-breach/cybercrime-group-claims-to-have-breached-red-hat-s-private-github-repositories.html