The cause? One .env file accidentally pushed to GitHub.
Here's what happened in real time:
03:12 AM — dev runs git add . by mistake
03:12 AM — .env with AWS keys hits GitHub
03:15 AM — bots scan GitHub, find the keys
03:16 AM — 47 EC2 instances start mining crypto
07:00 AM — dev wakes up to a $47,000 bill
This happens every single week to real teams.
I built VaultWatch to stop this permanently:
→ Pre-commit hook blocks .env before it hits GitHub
→ Encrypted team vault for all secrets
→ Instant alert if anything leaks
Early access open now.
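
A minimal Git pre-commit hook of the kind the first bullet describes, added here as an illustration. It is not VaultWatch's code; the function names and the exemption for template files such as .env.example are assumptions.

```shell
#!/bin/sh
# Added example: save as .git/hooks/pre-commit and make it executable.
# Function names are hypothetical, not taken from any product.

# True when the path is a dotenv file (.env, .env.local, config/.env.prod),
# but not a template such as .env.example that is meant to be committed.
is_env_file() {
    case "$(basename "$1")" in
        .env.example|.env.sample|.env.template) return 1 ;;
        .env|.env.*) return 0 ;;
        *) return 1 ;;
    esac
}

# True when stdin contains a string shaped like an AWS access key ID
# (AKIA followed by 16 uppercase letters or digits).
has_aws_key_id() {
    grep -Eq '(^|[^A-Z0-9])AKIA[0-9A-Z]{16}([^A-Z0-9]|$)'
}

# Inspect the index (what will actually be committed), not the working tree.
check_staged() {
    # --diff-filter=ACMR: added, copied, modified, renamed; deletions are fine.
    blocked=$(git diff --cached --name-only --diff-filter=ACMR |
        while IFS= read -r f; do
            if is_env_file "$f"; then
                echo "  $f: dotenv file"
            elif git show ":$f" | has_aws_key_id; then
                echo "  $f: AWS access key ID pattern"
            fi
        done)
    [ -z "$blocked" ] && return 0
    printf 'Commit blocked:\n%s\n' "$blocked" >&2
    return 1
}

# Run the check only when Git invokes this file as the pre-commit hook.
case "$0" in
    */pre-commit|pre-commit) check_staged ;;
esac
```

Client-side hooks are skipped by `git commit --no-verify` and are not copied when a repository is cloned, so each developer has to install the hook and it should be paired with server-side secret scanning.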
