Brinztech Alert: Source Code of Nasajon (Brazilian ERP Provider) is Leaked

Dark Web News Analysis

A threat actor on a known cybercrime forum is advertising the alleged leak of the source code belonging to Nasajon (Nasajon Sistemas). The breach is reported to have occurred in November 2025 (this month).

Brinztech Analysis: My analysis confirms Nasajon is a prominent Brazilian software company specializing in Integrated Management Systems (ERP) for accounting, tax, and HR sectors. Their software is widely used by small and medium-sized enterprises (SMEs) across Brazil to manage critical financial and payroll data.

The leak of source code is a “crown jewels” compromise. Unlike a simple database dump, source code availability allows threat actors to conduct “white-box” analysis—reading the code to find unpatched vulnerabilities (Zero-Days), hardcoded credentials, or logic flaws that can be weaponized against every company running Nasajon software.

This incident aligns with the severe 2025 cyber-crisis in Brazil, following recent major breaches at Conasems (Health Ministry Council) and CIEE, indicating a sustained campaign against the country’s digital service providers.

Key Cybersecurity Insights

This alleged leak presents a critical supply chain threat to the Brazilian business ecosystem:

• Critical Intellectual Property Compromise: The theft and public release of source code represent a severe compromise of proprietary intellectual property. It allows competitors or malicious actors to replicate functionality or identify trade secrets.
• Significant Supply Chain Risk: As an ERP provider, Nasajon’s compromised source code poses substantial supply chain risks. Attackers can identify vulnerabilities in the essential business management systems used by thousands of client companies, potentially leading to downstream ransomware or data theft attacks.
• Elevated Threat of Zero-Day Exploits: The availability of source code facilitates reverse engineering. Malicious actors can now discover Zero-Day vulnerabilities (e.g., SQL injection, authentication bypass) that are currently unknown to the vendor, putting all on-premise and cloud instances at risk.
• Brand Reputation and Trust Erosion: A public leak of this nature can severely damage Nasajon’s reputation, especially given the strict penalties under Brazil’s LGPD (General Data Protection Law) for negligence in protecting data processing systems.

Mitigation Strategies

In response to this claim, Nasajon and its clients must take immediate action:

• Comprehensive Source Code Audit & Vulnerability Assessment: Nasajon must immediately initiate a thorough security audit and Static Application Security Testing (SAST) of the leaked repositories to identify and patch any vulnerabilities before attackers can exploit them.
• Proactive Client Communication: Develop a clear communication plan to inform affected clients about the potential risks. Advise them to monitor their ERP instances for anomalous activity and apply any upcoming security patches immediately.
• Strengthened Secure Software Development Lifecycle (SSDLC): Enhance secure coding standards and implement strict access controls for source code repositories (e.g., GitHub/GitLab) to prevent future exfiltration.
• Intensified Threat Intelligence Monitoring: Continuously monitor dark web forums for the development of exploits or proof-of-concept (PoC) code targeting Nasajon software, which often appear shortly after a source code leak.

Secure Your Business with Brinztech — Global Cybersecurity Solutions Brinztech protects organizations worldwide from evolving cyber threats. Whether you’re a startup or a global enterprise, our expert solutions keep your digital assets safe and your operations running smoothly.

Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com