From zdnet.com
The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses.
Intrusions have taken place since at least April 2020, the FBI said in an alert sent out last month and made public this week on its website.