Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils telnetd server.
https://www.bleepingcomputer.com/news/security/nearly-800-000-telnet-servers-exposed-to-remote-attacks/
BleepingComputer
npub1j7…v7hg2
2026-01-26 15:19:26 UTC
Author Public Key
npub1j7dz37jrwqhehe8ydzpk5kcjpnzzv53h7s54lj62nv5w9fcar34suv7hg2Seen on
wss://relay.mostr.pubPublished at
2026-01-26 15:19:26 UTCEvent JSON
{
"id": "9bb14403dc4252dd4868f848b62d194449c39d54307f1b33906bbe958f2c011a",
"pubkey": "979a28fa43702f9be4e468836a5b120cc4265237f4295fcb4a9b28e2a71d1c6b",
"created_at": 1769440766,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/BleepingComputer/statuses/115962070086141755",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.ditto.pub"
]
],
"content": "Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils telnetd server.\n\nhttps://www.bleepingcomputer.com/news/security/nearly-800-000-telnet-servers-exposed-to-remote-attacks/",
"sig": "4218215088da8d341cb90bac4037cff8a5066855758a5eb694285c8801111bd555247618fa5b2829368576dc18fe2d4a7dbc1787cf9a63a3ebdabba30da1e143"
}