Intellivix, a South Korean AI company specializing in intelligent video analytics and security solutions, has allegedly been compromised by a threat actor. The breach, which reportedly occurred in November 2025, was publicized on a dark web forum. The attacker states they have exfiltrated product source code from the company’s internal repositories. Intellivix is known for its “Vision AI” technology, providing services such as public safety monitoring, industrial safety systems, and biometric access control.
According to the actor, the compromised data consists specifically of the source code for the VIXpass system, an AI-based smart access control solution that utilizes facial and palm vein recognition.
The leaked file structure indicates that the following components were accessed:
-
VIXpass Web Application Server (WAS): Full source code directories for the backend infrastructure, including development (
vixpass-was-dev) and main (vixpass-was-main) branches. -
Client-Specific Builds: Directories such as
VIXpass-was-KTsuggest that versions tailored for specific major clients (potentially Korea Telecom) may have been exposed. -
Frontend Source Code: Complete web project files (
vixpass-web-dev,vixpass-web-main) containing Vue.js frameworks, assets, and configuration files. -
Application Logic: Java source files defining core domains like access control, device management (ZKTeco integration), user authentication, and visitor management.
-
Configuration & Build Files: Gradle build scripts and system configuration files crucial for deploying the software.












