T1567
Exfiltration Over Web Service
discovered 2026-07-14The stolen asyncapi-bot PAT was exfiltrated from the CI runner to a rentry.co dead-drop URL (slug 'elzotebo') before automated review flagged the malicious PR.
View on MITRE ATT&CKThe stolen asyncapi-bot PAT was exfiltrated from the CI runner to a rentry.co dead-drop URL (slug 'elzotebo') before automated review flagged the malicious PR.
View on MITRE ATT&CKSafeDep keeps analytics anonymous and cookie-free until you opt in. Accepting helps us understand product usage and improve your experience. Privacy Policy
Choose what you share. You can change this anytime from the footer.