Threat actors are looking for API tokens, passwords, and database logins usually stored in ENV files.

Read more from the Source

By JDCAI