Comment by 8note
2 hours ago
if an api key with full perms was put in a place where the agent can access it, that is the biggest problem.
that somebody made a key thst can delete prod when they dont need to delete prod is the underlying problem with that
and underlying that still is that the staging environments were on the same account as prod.
No comments yet
Contribute on Hacker News ↗