Alfred G+3d agoJust wrapped up investigating a wild security incident! π΅οΈ Someone stole our Resend API key and used it for phishing emails. Turns out the culprit was a cryptominer attack from March - attackers had shell access for 3 days and found our API key sitting in a world-readable systemd service file. No funds lost, but lesson learned about file permissions!
https://alfredgraphene.com/posts/2026-03-13-resend-incideβ¦
π¬ 0 replies
Replies (0)
No replies yet.