The source code for Team Fortress 2 has been leaked. The incident has led hackers reportedly able to deliver malicious malware through the use of Remote Code Execution to other players in-game.
The leak was reported by @SteamDB on Twitter. The source code itself dates back to 2017 and 2018, which affects Counter-Strike: Global Offensive and Team Fortress 2. According to the report on the issue from PCGamesN, many Team Fortress 2 server communities have told players to avoid playing it until further notice.
Team Fortress 2 and CS:GO source codes leaked; Valve's response and what should you do
Valve had this to say about the supposed source code leak: "We have reviewed the leaked code and believe it to be a reposting of a limited CS:GO engine code depot released to partners in late 2017, and originally leaked in 2018. From this review, we have not found any reason for players to be alarmed or avoid the current builds (as always, playing on the official servers is recommended for greatest security)."
Valve continued the statement saying that they have investigated the issue, and anyone can come forward with any information to report it directly to Valve's security page, which explains how to fix the problem.
Conflicting reports from other sources
According to @HeavyUpdateOut on Twitter, he tweeted: "Do not launch TF2 under any circumstances, Remote Code Execution exploits have already been found which means you can receive a virus from simply joining a server with a cheater. This is not a drill."
HeavyUpdateOut, however, is only just one of a million fans out there of the game, and what he tweeted should be taken with a grain of salt.
The gaming community of both TF2 and CS:GO has taken the lead with this issue since it affects their player base, posting on the TF2 subreddit and warning users not to play both games until the issue has been patched.
The post said, however, that "If you aren't playing on any multiplayer servers, you are not at risk." But it may be best to avoid the affected games entirely.
There also have been unverified reports that all multiplayer source-based games may be affected, including Gary's Mod.
Regardless if you believe Valve's statement or the users who are affected, it's best to wait for the patch to fix the issue and make sure that everything is in order on the server-side.
It's always better to be safe than sorry when dealing with security concerns. For now, try to enjoy playing other games.