A third-party security researcher discovered a vulnerability in a staging environment via Server-Side Request Forgery (SSRF) probing. The incident underscores the critical importance of applying production-level security monitoring, access controls, and incident response capabilities to non-production environments to prevent them from becoming initial access vectors.