Researchers found that a majority of internet-exposed instances of Apache Superset – at least 2000 (two-thirds of all servers) – are running with a dangerous default configuration. This means many of these servers are effectively open to the public.