The Unintended Leak of Mercedes-Benz Source Code: A Consequence of a Published Password Error

Gettyimages 103035382
Mercedes-Benz accidentally exposed a trove of internal data after leaving a private key online that gave “unrestricted access” to the company’s source code, according to the security research firm that discovered it. The London-based cybersecurity company said it discovered a Mercedes employee’s authentication token in a public GitHub repository during a routine internet scan in January. According to Mittal, this token — an alternative to using a password for authenticating to GitHub — could grant anyone full access to Mercedes’s GitHub Enterprise Server, thus allowing the download of the company’s private source code repositories. “The GitHub token gave ‘unrestricted’ and ‘unmonitored’ access to the entire source code hosted at the internal GitHub Enterprise Server,” Mittal explained in a report shared by TechCrunch. It’s not known if anyone else besides Mittal discovered the exposed key, which was published in late-September 2023.

“Revolutionize the Music Industry on-the-go with’s Latest Venture, Sound Drive”

Mercedes Will I Am
The new venture will launch this summer in Mercedes-Benz’s electric EQ models, told TechCrunch during a press event. That car had 16 Sound Drive tracks loaded, some familiar and others created especially for the experience. Sound Drive is not quite a performance as such, likens being a conductor or DJ, but that’s just the beginning. Down the road, Sound Drive will let you geotag samples, linking auditory cues with memories. Mercedes-Benz is the first partner, where the technology will launch with 10 tracks this summer as MBUX Sound Drive.