A hacker using the handle “888” posted a listing on the cybercrime forum PwnForums this week claiming to have stolen just over 35GB of Accenture’s source code.

Accenture has not issued a public statement addressing what left the building, whether client data was touched, or when the intrusion happened. The claim has not been independently verified beyond the forum post itself.

Source-code repos and cloud credentials are the raw material of this economy now. The same week, CISA added a Langflow flaw, CVE-2026-55255, to its exploited-vulnerabilities catalog after attackers used it to harvest LLM provider keys and cloud secrets out of live AI workflows. Credentials cash out faster than files do.

Attackers were exploiting a maximum-severity ColdFusion bug within minutes of researchers publishing technical details on the flaw Adobe patched June 30 in bulletin APSB26-68, the same week CISA logged the Langflow flaw in its exploited-vulnerabilities catalog. Accenture hasn’t filed anything with regulators. The forum listing doesn’t have a price yet.

— Marcus Webb