2026-01-14: The Day the telnet Died

GreyNoise observed a step-function 59% reduction in global Telnet sessions beginning 2026-01-14 and links this topology change to the subsequent public disclosure of CVE-2026-24061, a critical (CVSS 9.8) GNU Inetutils telnetd authentication-bypass that yields unauthenticated root shells. The report documents impacted ASNs and countries, notes exploitation observed within hours of disclosure, and hypothesizes that upstream Tier-1 transit providers implemented TCP/23 filtering prior to public disclosure; it recommends patching to inetutils 2.7-2 or disabling telnet.