We added SmarterTools SmarterMail CVE-2026-23760 RCE to our daily Vulnerable HTTP scans. Around 6000 IPs globally found likely vulnerable based on our version check. We also see exploitation attempts in the wild. CVE-2026-23760 Geo Treemap View: https://t.co/QqZ674VxXG

Regarding CVE-2026-24061 in GNU InetUtils telnetd: while we are not scanning for it explicitly (due to current lack of ability to check in a safe way, we share - and have for years - data on exposed instances in our Accessible Telnet Report: https://t.co/2JR0hChy5Z ~800K exposed

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils telnetd server.

We have been tweaking the scan the last few days to better weed out non-telnet protocols. Some honeypots may remain. Telnet should not be publicly exposed, but often is especially on legacy iot devices. CVE-2026-24061 info & patch:

@Shadowserver #Shadowserver finds 6,000+ likely vulnerable #SmarterMail servers exposed online https://t.co/bddZZWm6fu #securityaffairs #hacking

@Shadowserver Which is being reported as 800K vulnerable to RCE, the distinction is important to note. The penetration of GNU inetutils telnetd is much lower, less than 8000 servers or so.

Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils telnetd server. https://t.co/LCPBTQskjL

en empresas típicas ponemos mucho énfasis en retirar protocolos viejos como telnet, pero a la gente se le olvida que luego adquiere productos genéricos (camaras, NAS caseros, appliances, etc..) que vienen con muchos vicios ocultos como puertos abiertos sabrá Jebuz para que.