Drawing little attention to themselves, multiple threat actors have spent the past two-three years mass-scanning the internet for ENV files that have been accidentally uploaded and left exposed on web servers.
ENV files, or environment files, are a type of configuration files that are usually used by development tools.
Frameworks like Docker, Node.js, Symfony, and Django use ENV files to store environment variables, such as API tokens, passwords, and database logins.
Read more…
Source: ZDNet