Found the error Not allowed to load local resource: file:///etc/passwd
while looking at infosec.pub’s communities page. There’s a community called “ignore me” that adds a few image tags trying to steal your passwd file.
You have to be extremely poorly configured for this to work, but the red flags you see should keep you on your toes for the red flags you don’t.
First thing I did when I got an account was enabled 2FA. It was a bit of a hassle cause its a link that you need to open in a device that supports it (ie: phone) but hey at least an option.