Botnets have been silently mass-scanning the internet for unsecured ENV files

Drawing little attention to themselves, threat actors have spent the past two-three years mass-scanning the internet for ENV files that have been accidentally uploaded and left exposed on web servers.
Source: cyware.com