One of the most prominent threats right now is Infostealers. These would be a kind of malware that captures information from devices and sends the ...
For further actions, you may consider blocking this person and/or reporting abuse
The exfiltrator stores their API key in plain text? Or is that encrypted somehow?
time well spent reading this ++