November 21, 2020 By Pierluigi Paganini
Threat actors are scanning the Internet for ENV files that usually contain API tokens, passwords, and database logins.
Threat actors are scanning the internet for API tokens, passwords, and database logins that are usually used to store ENV files (Environment files) accidentally left exposed online.
Environment files are configuration files that usually contain user environment variables for multiple frameworks and development tools such as Docker, Node.js, Django, and Symfony.
Obviously these files should not be exposed online without any protection.