security researchers have demonstrated critical vulnerability on source engines
A vulnerability has been discovered in Source Engine based games a few years ago, including Counter-Strike: Global Offensive, which allows remote code execution only by sending a Steam invite link. The exploit was reported by the secret club, a group of security researchers, in its Twitter account.
Two years ago, secret club member @floesen_ reported a remote code execution flaw affecting all source engine games. It can be triggered through a Steam invite. This has yet to be patched, and Valve is preventing us from publicly disclosing it. pic.twitter.com/0FWRvEVuUX— secret club (@the_secret_club) April 10, 2021
As for now, the original post has received almost a thousand retweets and a couple of thousand likes, which signals of the gathered attention, but most likely this would not be enough. We strongly advise you not to accept friend requests from people you do not know before this critical vulnerability is going to be fixed.