Company
Date Published
Author
Detectify
Word count
436
Language
-
Hacker News points
None

Summary

In December, cybersecurity researcher Fredrik Nordberg Almroth, co-founder of Detectify, discovered a significant vulnerability within the Democratic Republic of Congo's top-level domain, .cd, which exposed it to potential malicious exploitation. By purchasing the expired domain name of a crucial name server linked to .cd, Almroth thwarted possible nefarious activities, such as traffic redirection, credential theft, and malware dissemination. This vulnerability, once reported, was swiftly patched, but it highlighted the severe risks of domain hijacking, which can impact millions of users and major institutions. Almroth emphasized the importance of proactive monitoring and quick vulnerability detection to prevent such hostile takeovers, citing past incidents with other country code top-level domains. A detailed technical report on this incident is available through Detectify Labs.