From cyware.com
A threat actor group is using a comprehensive toolset named AlienFox to steal sensitive information such as API keys, authentication secrets, and credentials from cloud service providers and popular services. Adversaries are using security scanning platforms, such as LeakIX and SecurityTrails, to discover misconfigured servers with popular web frameworks.