Unauthenticated Message Queues are a Problem
ID: 9541235b-f597-54ec-8ca9-cb820b4c1add
STIX ID: report--9541235b-f597-54ec-8ca9-cb820b4c1add
Feed Name: Censys Blog
Date Published: 2026-01-06
Date Updated: 2026-04-27
Author: Mark Ellzey; Senior Security Researcher
This Censys research describes how internal pub/sub messaging systems (MQTT, ZeroMQ, NATS) are frequently exposed to the public internet due to misconfiguration. It quantifies the scale (e.g., ~650k MQTT hosts with ~480k accepting unauthenticated connections and ~407k allowing unauthenticated subscriptions; ~20k ZeroMQ hosts with ~9.5k PUB sockets; ~48.8k NATS hosts with ~3.9k unauthenticated), reports active publishing observed on thousands of hosts, and notes instances of sensitive data (credentials, IMEIs, geolocation, RTSP links) seen during sampling. It concludes with a call to action to monitor and remediate such exposures.
