Knime was running in the background and scanning client websites. There was no thread detected during previous scans but it doesn’t mean the presumable intrusion necessarily came from the scan.
I did three scans and, surprisingly, when Parallel Chunks were disable to narrow down on the potential impacted domain, nothing was found.
May question would be:
- When a temp file from Knime get deleted by the “Windows Defender Overlord”, how is Knime supposed to handle that?
- Is there any option to increase interoperability with security mechanisms like Firewalls, VPNs, both blocking requests (Note: I encountered that with NordVPN before), or plain old Anti Virus tools? Maybe some sort of log message if a request from Knime was not satisfied eventually including response codes?