alma
ecf92f7762
- Removed malicious userConfig loader that dynamically imported external config - Removed mergeConfig function that allowed configuration hijacking - Added .gitignore rules to block v0-user-next.config files SECURITY INCIDENT: - Backdoor discovered allowing remote code execution via /adfa route - Attacker installed cryptocurrency miner on production VM - Root-level system compromise with 9+ months of access - Full incident details in SECURITY_INCIDENT_REPORT.md All malware removed from VM. All credentials being rotated. Date: January 10, 2026
11 lines
126 B
Plaintext
11 lines
126 B
Plaintext
node_modules/
|
|
.next/
|
|
dist/
|
|
build/
|
|
.env
|
|
*.log
|
|
|
|
# Block potential backdoor config files
|
|
v0-user-next.config*
|
|
*user-next.config*
|