Botnets have been silently mass-scanning the internet for unsecured ENV files

Threat actors are looking for API tokens, passwords, and database logins usually stored in ENV files.

You can read the full article here.