Discovered by The Secret Club (@the_secret_club), which is a non-profit, reverse-engineering group, the critical bug uses Steam’s invite system to access your PC. A hacker can send a special link to a user by exploiting the bug. Once the user clicks on the link to accept the invite, the hacker could get into the user’s system and acquire sensitive information. This bug was discovered in the Source game engine, developed by Valve. It is used in several titles, including CS: GO. Other games that still use the engine no longer possess the critical bug for exploitation. However, in CS: GO, the bug still exists for attackers to take advantage of. As per reports, a security researcher from The Secret Club named Florian discovered the bug two years ago, back in 2019. He reportedly reached out to Valve through its bug bounty program, HackerOne, to inform about the bug. The developers marked the bug as “critical” at the time. However, as per Florian, the game development studio later admitted that they were “slow to respond” to the exploit.
