We already reported multiple times that, when you offer an online (cloud) service, there are a lot of chances that it will be abused for malicious purposes. I spotted an info-stealer that exfiltrates data through webhook.site. Today, many Python scripts use Discard as a C2 communication channel. This time, something different and that looks definitively less suspicious.
Article Link: InfoSec Handlers Diary Blog