It seems like a user named "johnyj12345" is making it's rounds on self-hosted Gitlab instances since Saturday, exposing server secrets to the public by creating issues containing Gitlab's `secrets.yml` file. Better check your instance!