In 2023, a threat actor launched a social engineering campaign on Retool involving smishing & credential harvesting, leading them to a one-time password token.