One of the most prominent threats right now is Infostealers. These would be a kind of malware that captures information from devices and sends the ...
For further actions, you may consider blocking this person and/or reporting abuse
time well spent reading this ++
The exfiltrator stores their API key in plain text? Or is that encrypted somehow?