I published an artice about my latest security scan aimed to the exposed git repositories.
- 230 000 000 domains checked (the list was build mainly from the Rapid 7 OpenData),
- 390 000 affected sites found,
- 90 000 alerts send.
The most of affected sites use PHP:
But after normalization the numbers according to the market share, the worst situation is among the Python:
I also tried to detect the CMS/E-commerce system, HTTP server, Operating Systems and Frameworks:
You can find more detailed information about the scan on our company blog.