Critical Security Flaws Found in 336,000 Exposed Prometheus Monitoring Servers

Researchers discovered over 336,000 Prometheus monitoring servers and exporters exposed online, leaking sensitive data and vulnerable to DoS attacks. The investigation revealed plaintext passwords, authentication tokens, and internal API addresses were accessible, while also identifying risks from 'repojacking' vulnerabilities.