BleepingComputer reports that more than 3.6 million MySQL servers could be publicly accessed through the Internet, all of which are leveraging the default TCP port 3306, and are vulnerable to attacks. Shadowserver Foundation analysts discovered that the U.S. had more than 1.2 million exposed MySQL servers, making it the country with the most number of accessible servers, but numerous exposed servers were also observed in China, Poland, Germany, Singapore, and the Netherlands. "While we do not check for the level of access possible or exposure of specific databases, this kind of exposure is a potential attack surface that should be closed," said the report. Security admins have been urged by Shadowserver to review key guides for versions 5.7 and 8.0 of MySQL to ensure the security of their servers. Threat actors could exploit insecure MySQL servers to facilitate data breaches, Cobalt Strike intrusions, remote access trojan infections, and ransomware attacks.