diff --git a/Common/Source/src/main/java/dev/brighten/antivpn/api/VPNConfig.java b/Common/Source/src/main/java/dev/brighten/antivpn/api/VPNConfig.java
index 8becdd8..a679b09 100644
--- a/Common/Source/src/main/java/dev/brighten/antivpn/api/VPNConfig.java
+++ b/Common/Source/src/main/java/dev/brighten/antivpn/api/VPNConfig.java
@@ -294,6 +294,8 @@ public class VPNConfig {
 
     /**
      * The authentication token to use for webhook requests.
+     * Note: Token is stored in memory as plaintext. Ensure proper file system
+     * permissions are set on config.yml to protect sensitive authentication tokens.
      * @return String
      */
     public String webhookAuthToken() {
diff --git a/Common/Source/src/main/java/dev/brighten/antivpn/webhook/WebhookNotifier.java b/Common/Source/src/main/java/dev/brighten/antivpn/webhook/WebhookNotifier.java
index 05dcd3e..8e3e0df 100644
--- a/Common/Source/src/main/java/dev/brighten/antivpn/webhook/WebhookNotifier.java
+++ b/Common/Source/src/main/java/dev/brighten/antivpn/webhook/WebhookNotifier.java
@@ -44,7 +44,7 @@ public class WebhookNotifier {
             } catch (Exception e) {
                 AntiVPN.getInstance().getExecutor().logException("Failed to send webhook notification", e);
             }
-        });
+        }, dev.brighten.antivpn.api.VPNExecutor.threadExecutor);
     }
 
     /**
@@ -91,7 +91,7 @@ public class WebhookNotifier {
             // Check response
             int responseCode = connection.getResponseCode();
             if (responseCode >= 200 && responseCode < 300) {
-                AntiVPN.getInstance().getExecutor().log(Level.FINE, 
+                AntiVPN.getInstance().getExecutor().log(Level.INFO, 
                     "Successfully sent webhook notification for player %s (response: %d)", 
                     player.getName(), responseCode);
             } else {
diff --git a/Common/Source/src/main/resources/config.yml b/Common/Source/src/main/resources/config.yml
index 2f4e124..9f16093 100644
--- a/Common/Source/src/main/resources/config.yml
+++ b/Common/Source/src/main/resources/config.yml
@@ -49,6 +49,7 @@ webhooks:
   # Optional: Set to true to include authentication header (Authorization: Bearer <token>)
   useAuthentication: false
   # The authentication token to use when useAuthentication is true
+  # Security Note: Token is stored in plaintext. Ensure proper file permissions on this file.
   authToken: ''
   # Timeout in seconds for webhook requests (default: 5)
   timeout: 5