SECURITY PoC — Credentials Captured

Attack chain:
1. Attacker sends: https://dev.vbdev.io/vb/login?vbauth-digest=x&return-url=https://pixops.vbdev.io/vb/login
2. User sees REAL VB login page on dev.vbdev.io
3. User authenticates (password or SAML SSO) — real auth succeeds
4. VB redirects to pixops.vbdev.io/vb/login (THIS page) — pixel-perfect clone
5. User sees "Authentication failed" — enters credentials again — CAPTURED