Earlier today, source code for Counter-Strike: Global Offensive and Team Fortress 2 started to circulate, alarming gamers and modders who worried that they could expose security flaws. At least one project shut down as a precaution. However, code for the game has been previously available, this leak just spread it much wider.
We have reviewed the leaked code and believe it to be a reposting of a limited CS:GO engine code depot released to partners in late 2017, and originally leaked in 2018. From this review, we have not found any reason for players to be alarmed or avoid the current builds.— CS:GO (@CSGO) April 22, 2020
According to Valve, in a statement posted from the CS: GO Twitter account, they “believe it to be a reposting of a limited CS:GO engine code depot released to partners in late 2017, and originally leaked in 2018” and found no reason for alarm among players. SteamDB operator Pavel Djundik suggested similar, saying it would probably provide “very little” help to cheat developers.
The only advice from Valve is for players to stick to official servers, and a promise of further updates if any other information comes to light.
Update: Valve also posted from the Team Fortress 2 account, similarly noting that it had no reason to believe players should be alarmed.
We will continue to investigate the situation and will update news outlets and players if we find anything to prove otherwise. In the meantime, if anyone has more information about the leak, the Valve security page (next tweet) describes how best to report that information.— CS:GO (@CSGO) April 22, 2020