Latest Cyber Attacks — Real-Time Threat Feed
Live feed of the most recent cyber attacks detected by the WAYSCloud threat intelligence network. Each entry represents an independently verified malicious event reported by automated monitoring systems and verified threat reporters. This page refreshes with new data every 5 minutes.
| Time | IP Address | Attack Type | Severity | Country | Network |
|---|---|---|---|---|---|
| 2026-04-16 12:58:13 | 2.57.122.96 | SSH Brute Force | MEDIUM | Romania | Unmanaged Ltd |
| 2026-04-16 12:58:09 | 45.148.10.141 | SSH Brute Force | HIGH | Netherlands | Techoff Srv Limited |
| 2026-04-16 12:57:04 | 92.118.39.63 | SSH Brute Force | MEDIUM | United States | Unmanaged Ltd |
| 2026-04-16 12:54:23 | 80.94.92.167 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:54:16 | 92.118.39.63 | SSH Brute Force | MEDIUM | United States | Unmanaged Ltd |
| 2026-04-16 12:52:43 | 2.57.122.190 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:50:54 | 92.118.39.196 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:48:44 | 80.66.66.70 | SSH Brute Force | HIGH | Russia | Soldatov Alexey Valerevich |
| 2026-04-16 12:48:03 | 83.21.255.99 | SSH Brute Force | MEDIUM | Poland | Orange Polska Spolka Akcyjna |
| 2026-04-16 12:47:37 | 92.118.39.62 | SSH Brute Force | MEDIUM | United States | Unmanaged Ltd |
| 2026-04-16 12:45:05 | 92.118.39.62 | SSH Brute Force | MEDIUM | United States | Unmanaged Ltd |
| 2026-04-16 12:43:39 | 45.227.254.170 | SSH Brute Force | HIGH | Panama | Flyservers S.A. |
| 2026-04-16 12:42:44 | 193.32.162.146 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:41:56 | 87.251.64.145 | SSH Brute Force | MEDIUM | Poland | ISAEV Igor |
| 2026-04-16 12:41:49 | 92.118.39.197 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:38:57 | 87.251.64.145 | SSH Brute Force | HIGH | Poland | ISAEV Igor |
| 2026-04-16 12:38:29 | 27.119.7.6 | SSH Brute Force | HIGH | South Korea | SK Broadband Co Ltd |
| 2026-04-16 12:38:14 | 195.178.110.15 | SSH Brute Force | HIGH | Bulgaria | Techoff Srv Limited |
| 2026-04-16 12:37:07 | 77.87.40.114 | SSH Brute Force | HIGH | Ukraine | Zubko Volodymyr Viktorovych |
| 2026-04-16 12:35:57 | 114.34.106.146 | SSH Brute Force | HIGH | Taiwan | Data Communication Business Group |
| 2026-04-16 12:35:18 | 80.66.66.70 | SSH Brute Force | MEDIUM | Russia | Soldatov Alexey Valerevich |
| 2026-04-16 12:35:14 | 2.57.121.25 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:34:43 | 185.181.10.136 | SSH Brute Force | HIGH | Germany | Kamatera Inc |
| 2026-04-16 12:34:31 | 2.57.122.238 | SSH Brute Force | MEDIUM | Romania | Unmanaged Ltd |
| 2026-04-16 12:33:52 | 80.66.66.70 | SSH Brute Force | HIGH | Russia | Soldatov Alexey Valerevich |
| 2026-04-16 12:33:36 | 118.35.127.66 | SSH Brute Force | HIGH | South Korea | Korea Telecom |
| 2026-04-16 12:32:48 | 45.148.10.147 | SSH Brute Force | HIGH | Netherlands | Techoff Srv Limited |
| 2026-04-16 12:31:00 | 2.57.122.191 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:30:41 | 203.121.40.210 | SSH Brute Force | MEDIUM | Malaysia | TIME dotCom Berhad No. 14, Jalan Majistret U126 Hicom Glenmarie Industrial Park 40150 Shah Al |
| 2026-04-16 12:29:36 | 104.218.166.62 | SSH Brute Force | MEDIUM | United States | UCLOUD INFORMATION TECHNOLOGY HK LIMITED |
| 2026-04-16 12:29:14 | 103.20.122.54 | SSH Brute Force | MEDIUM | Thailand | CyberWorld |
| 2026-04-16 12:29:10 | 2.57.122.188 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:28:36 | 163.7.6.74 | SSH Brute Force | MEDIUM | Indonesia | Byteplus Pte. Ltd. |
| 2026-04-16 12:28:27 | 196.189.51.210 | SSH Brute Force | MEDIUM | Ethiopia | Ethiopian Telecommunication Corporation |
| 2026-04-16 12:28:24 | 209.141.47.217 | SSH Brute Force | MEDIUM | United States | FranTech Solutions |
| 2026-04-16 12:27:17 | 103.115.56.3 | SSH Brute Force | MEDIUM | Hong Kong | Cloudie Limited |
| 2026-04-16 12:25:01 | 87.251.64.147 | SSH Brute Force | HIGH | Poland | ISAEV Igor |
| 2026-04-16 12:23:05 | 36.95.194.51 | SSH Brute Force | HIGH | Indonesia | PT Telekomunikasi Indonesia |
| 2026-04-16 12:20:58 | 87.251.64.149 | SSH Brute Force | MEDIUM | Poland | ISAEV Igor |
| 2026-04-16 12:18:16 | 92.118.39.236 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:16:39 | 80.94.92.183 | SSH Brute Force | MEDIUM | Romania | Unmanaged Ltd |
| 2026-04-16 12:16:25 | 2.57.122.194 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-04-16 12:15:15 | 59.182.88.242 | Web Brute Force | HIGH | India | National Internet Backbone |
| 2026-04-16 12:15:15 | 70.51.36.171 | Web Brute Force | HIGH | Canada | Bell Canada |
| 2026-04-16 12:15:15 | 76.71.70.209 | Web Brute Force | HIGH | Canada | Bell Canada |
| 2026-04-16 12:15:15 | 84.132.94.55 | Web Brute Force | HIGH | Germany | Deutsche Telekom AG |
| 2026-04-16 12:15:15 | 88.234.18.202 | Web Brute Force | HIGH | Türkiye | Turk Telekom |
| 2026-04-16 12:15:15 | 90.55.92.119 | Web Brute Force | HIGH | France | Orange |
| 2026-04-16 12:15:15 | 95.59.210.122 | Web Brute Force | HIGH | Kazakhstan | JSC Kazakhtelecom |
| 2026-04-16 12:15:15 | 98.97.48.140 | Web Brute Force | HIGH | United States | Space Exploration Technologies Corporation |
Understanding Attack Types
Automated login attempts against SSH servers using common or leaked credential lists. One of the most prevalent attack vectors on internet-facing servers.
Systematic probing of network ports to identify running services and potential vulnerabilities. Often a precursor to targeted exploitation.
Serving malicious payloads via compromised or dedicated servers. Includes ransomware, trojans, information stealers, and exploit kits.
Coordination servers used to control networks of compromised machines. These IPs issue commands to infected endpoints for DDoS, spam, and data theft.
Automated credential stuffing and login attempts against web application authentication endpoints such as WordPress, cPanel, or custom login pages.
Anomalous network behavior flagged by automated detection systems. May include reconnaissance, unusual traffic patterns, or early-stage intrusion attempts.
About This Feed
This real-time threat feed aggregates data from multiple independent sources including automated intrusion detection systems, verified fail2ban reporters, curated threat intelligence lists, and community abuse databases. Each event shown here has been independently detected and reported through our threat intelligence network.
For programmatic access to this data, use the WAYSCloud API. To investigate any IP address in detail, click through to its threat intelligence report.