A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.