In response to a Computerworld query, Vupen CEO and chief hacker Chaouki Bekrar said the reports of the compromise are incorrect. "Nothing happened at all. We're safe," he said.
Bekrar's comments echoed a tweethe sent out late Wednesday night in which he called the rumors "totally false and pure troll."
It's unclear how speculation of the breach started. Many reports pointed to a brief post by security blogger Kevin Townsend that talked about Vupen being hacked and data on the zero-day flaws leaked. The report was picked up by other blogs and tweeted widely on TwitterTwitter. Alles zu Twitter auf CIO.de
A breach at Vupen, if true, would have wide impact. The company is widely regarded as one of the top vulnerability research firms in the business. Most recently, the company placed first at the Pwn2Own 2012 security event where it cracked MicrosoftMicrosoft's Internet Explore 9 browser and GoogleGoogle's Chrome in two days. Alles zu Google auf CIO.de Alles zu Microsoft auf CIO.de
Vupen is heavily focused on finding and exploiting unpatched bugs in leading software products. The company sells its vulnerability and exploit information to security vendors, governments, law enforcement agencies and to corporations to help them secure their systems against the flaws.