- Cybernews found “serious misconfigurations” at Tencent Cloud sites
- Tencent Cloud seemed to have leaked files for several months
- The leak is now plugged but users still need to be careful
Tencent Cloud, one of Asia’s largest cloud providers, leaked login credentials and internal source code, putting countless customers at risk of data breaches, theft, impersonation and more, experts have warned.
Security researchers at Cybernews found “serious misconfigurations affecting two Tencent web sites” that exposed environment files containing hard-coded credentials (including login information that provided access to Tencent’s internal admin console), and a .git directory that stores the entire history of a software project (including sensitive source code and configuration details).
Cybernews found the leak at the end of July 2025 while scanning the Internet for misconfigured systems. After investigating, it determined that the files had been publicly available for months, starting at least in April 2025, and warned that they could have been used for all kinds of malicious activities.
Staging and production
“If they are found by a malicious actor, these credentials could provide full access to backend infrastructure or internal services within Tencent Cloud,” the researchers said.
Cybernews believes that the exposed data was used for staging and production environments, which means both could have been affected. To make things worse, the exposed passwords were also weak and vulnerable to dictionary attacks. Many contained company names, years and a few symbols, which made them relatively easy to crack with a little automation.
Cybernews says it reached out to Tencent Cloud with its findings and was told that this was a previously known issue that someone had already reported. The company plugged the hole, which the researchers praised, but they warned that it could have been too late:
“The long-standing exposure raises alarming questions about how many scraping bots already have access to this data and whether they have already been used for malicious purposes,” they said.
With access to these files and folders, a threat actor could get full admin access to production systems, manipulate API services, pivot further into Tencent’s internal cloud infrastructure and more.
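
A defender-side check for the exposure described above, as an added example that is not from Cybernews or Tencent: it walks a deployment directory you control and reports `.git` directories, environment files, and hard-coded secrets that match the company-name-plus-year pattern. The key-name regex, the four-character threshold, `examplecorp` and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumptions for this example: which key names count as secrets, and the 4-char threshold.
SECRET_KEY_RE = re.compile(r"PASS|PWD|SECRET|TOKEN|KEY", re.I)
YEAR_RE = re.compile(r"(?:19|20)\d{2}")

def is_weak(value, org_names):
    """True when little is left after removing the company name and year (the article's pattern)."""
    rest, has_org = YEAR_RE.sub("", value.lower()), False
    for name in org_names:
        has_org = has_org or name.lower() in rest
        rest = rest.replace(name.lower(), "")
    return has_org and bool(YEAR_RE.search(value)) and len(rest) <= 4

def parse_env(path):
    """Yield (key, value) pairs from a dotenv-style file, skipping comments and blanks."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        for line in map(str.strip, fh):
            if line and not line.startswith("#") and "=" in line:
                key, _, value = line.partition("=")
                yield key.strip(), value.strip().strip("'\"")

def audit_web_root(root, org_names):
    """Return sorted (kind, relative_path, key_name) findings for a deployed directory."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        if ".git" in dirnames:
            findings.append(("git-dir", os.path.relpath(os.path.join(dirpath, ".git"), root), ""))
            dirnames.remove(".git")  # do not descend into the object store
        for name in filenames:
            if name == ".env" or name.startswith(".env."):
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append(("env-file", rel, ""))
                for key, value in parse_env(os.path.join(dirpath, name)):
                    if SECRET_KEY_RE.search(key) and value:
                        kind = "weak-secret" if is_weak(value, org_names) else "hardcoded-secret"
                        findings.append((kind, rel, key))  # report key names, never values
    return sorted(findings)

def build_sample(root):  # constructed sample tree; every name and value is made up
    os.makedirs(os.path.join(root, "app", ".git"))
    with open(os.path.join(root, "app", ".env"), "w", encoding="utf-8") as fh:
        fh.write("# constructed\nADMIN_PASSWORD=Examplecorp2025!\nAPI_TOKEN=q7Zp1vKx93LmT0aB\nDEBUG=true\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(*audit_web_root(tmp, ["examplecorp"]), sep="\n")
```

Run against a build artifact or web root before it is published; any `git-dir` or `env-file` finding means the file would be served unless the web server explicitly denies it.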



