A severe vulnerability in the command-and-control (C2) infrastructure of the notorious DanaBot malware has been uncovered, potentially exposing critical data belonging to threat actors.
Researchers have identified a misconfiguration in the server setup that inadvertently leaks usernames and cryptographic keys used by malicious operators to manage their campaigns.
https://gbhackers.com/vulnerability-in- ... c2-server/