Attackers Exploit Public .env Files to Breach Cloud Accounts in Extortion Campaign
A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files .env that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign,...