[GH-ISSUE #1706] Rickroll attack #1188

Open
opened 2026-05-07 00:30:54 +02:00 by BreizhHardware · 2 comments

Originally created by @tripleee on GitHub (Apr 16, 2026).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1706

Describe the bug
Some lowlife spammed all my monitoring feeds, and presumably everyone else's too, with a YouTube link last night.

Components impacted
In so many words, this impacted basically every component of the system.

Screenshots and/or logs
I can provide a screenshot of my phone's home screen this morning, but I guess you can imagine it even without the evidence.

Additional context
I suppose the "bug" here is that they were able to enumerate all monitoring endpoints. At a minimum, there should perhaps be a way to opt out of having them visible to everyone.


@binwiederhier commented on GitHub (Apr 16, 2026):

Somebody reported this last night. I confirmed that somebody is crawling GitHub for ntfy topics and publishing to them. I confirmed that all topics that were published to I could find through GitHub search.

I posted this last night on Discord:

> A new "low/high": Somebody is scraping GitHub for ntfy.sh topics and sending spam to them from hundreds of different IPs.

I deployed a banning mechanism: https://github.com/binwiederhier/ntfy-ansible/commit/b3f0407260c1d4ecdb99f95db21d9bfddcf58dc0

But basically: keep your topics private, otherwise people will be able to publish to it.


@tripleee commented on GitHub (Apr 18, 2026):

Thanks for the analysis and the fix! I suppose it might make sense to leave this bug report open for a while for visibility. I checked your blog etc and found no mention before posting here.
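
The advice above to keep topics private comes down to not committing topic URLs to public repositories. As an added example (not code from the ntfy project or from this thread), here is a check that can run locally or as a pre-commit hook to flag hard-coded topic URLs in a working tree; the topic character set, the list of non-topic paths and the sample lines are assumptions made for illustration.

```python
import re
import sys
from pathlib import Path

# Assumption: topic names are 1-64 characters of letters, digits, '-' and '_'.
TOPIC_CHARS = r"[-_A-Za-z0-9]{1,64}"
# Assumption: these first path segments are site pages or API paths, not topics.
NOT_TOPICS = {"docs", "app", "static", "v1", "account", "settings", "login", "signup"}
# Constructed sample: lines as they might sit in a repository's scripts and README.
SAMPLE = """\
curl -d "backup failed" ntfy.sh/backups-nas-01
curl -d "disk full" "https://ntfy.sh/$NTFY_TOPIC"
See https://ntfy.sh/docs/publish/ for options.
"""


def find_ntfy_topics(text, hosts=("ntfy.sh",)):
    """Return (line_no, host, topic) for every hard-coded topic URL in text."""
    host_alt = "|".join(re.escape(h) for h in hosts)
    pattern = re.compile(
        rf"(?<![\w.-])(?:https?://)?({host_alt})/({TOPIC_CHARS})(?![-_A-Za-z0-9])"
    )
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in pattern.finditer(line):
            # Topics read from a variable ($NTFY_TOPIC, {topic}) never match.
            if m.group(2).lower() not in NOT_TOPICS:
                hits.append((line_no, m.group(1), m.group(2)))
    return hits


def scan_tree(root, hosts=("ntfy.sh",)):
    """Scan every readable text file under root, skipping anything inside .git."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or ".git" in path.parts:
            continue
        try:
            text = path.read_text(encoding="utf-8")
        except (UnicodeDecodeError, OSError):
            continue  # binary or unreadable file
        findings += [(str(path), *hit) for hit in find_ntfy_topics(text, hosts)]
    return findings


if __name__ == "__main__":
    found = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, line_no, host, topic in found:
        print(f"{path}:{line_no}: hard-coded topic {host}/{topic}")
    sys.exit(1 if found else 0)  # non-zero exit lets a pre-commit hook block
```

For a self-hosted server, pass its hostname in `hosts`; any topic the scan reports in an already-public repository should be treated as exposed and replaced.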
