A botnet abused the hosted version of my open source project to phish 14,000 strangers. What I found, what I cleaned up, and what it taught me about running cloud on behalf of people I’ve never met.
Read in full here:
https://andrej.sh/posts/phishing-through-my-open-source-project