Collective hacking group Anonymous has started the action it pledged for the 5th November, targeting Australian government websites and big hitters such PayPal, VMware, Symantec, as well as defacement of NBC-affiliated sites and Lady Gaga’s fan page.

Without explaining the origin, Anonymous has published the source code of the core VMware ESX virtualization professional solution. VMware confirmed the leaked source code for its virtualization software, ESX.

Stun, a hacker using the banner Anonymous, published the software blueprints on file-sharing networks and BitTorrent tracker and promoted by various tweeters on Sunday. Some of these tweets with the hashtags #Anonymous #AntiSec and #SourcySleazySundays posted by the hackers claimed that the leaked code was the full VMware ESX Server Kernel.

VMware has acknowledged the authenticity of the source code, explaining that disclosure is related to a previous leak recognized in April 2012. At the time, the VMware explained one source code file was released, but it is possible that other file be might be published in the future.

The official did not indicate the level of risk associated with new intellectual property leakage.

“It is possible that more related files will be posted in the future,” Iain Mulholland, VMware’s director of platform security, explained. “We take customer security seriously and have engaged our VMware Security Response Center to thoroughly investigate.”

By disclosing the source code, Stun allows hackers to explore and discover the flaws of the kernel, which can be used for all kinds of attacks. Many services are hosted on solutions based on VMware ESX, so the consequences could be significant.

“It is the VMKernel from between 1998 and 2004, but as we all know, kernels don’t change that much in programs, they get extended or adapted but some core functionality still stays the same,” Stun wrote.

VMware says it wants to investigate the possible consequences of the leak, before providing recommendations to clients. But customers who apply the latest product updates and patches can protect their environment from attack.

“By applying the combination of the most current product updates and the relevant security patches, we believe our customer environments will be best protected,” Mulholland said.

The latest incident showed how companies face increasing difficulties to protect some of their most valuable intellectual assets. In September 2012, an Indian hacktivist crew called the Lords of Dharmaraja had published 2006 source code for Symantec Norton Utilities including Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere.

The allegations are all part of Anonymous’ day of action on 5 November to coincide with Guy Fawkes Night – presumably as a symbol of protest from the V for Vendetta series and not as a nod to the Catholic radical’s theological views.