Latest Cyber Attacks — Real-Time Threat Feed
Live feed of the most recent cyber attacks detected by the WAYSCloud threat intelligence network. Each entry represents an independently verified malicious event reported by automated monitoring systems and verified threat reporters. This page refreshes with new data every 5 minutes.
| Time | IP Address | Attack Type | Severity | Country | Network |
|---|---|---|---|---|---|
| 2026-07-05 19:28:37 | 150.95.82.21 | SSH Brute Force | HIGH | Japan | GMO-Z com NetDesign Holdings Co., Ltd. |
| 2026-07-05 19:26:09 | 45.148.10.141 | SSH Brute Force | HIGH | The Netherlands | Techoff Srv Limited |
| 2026-07-05 19:24:58 | 138.197.41.176 | Web Attack | HIGH | United States | DigitalOcean, LLC |
| 2026-07-05 19:24:25 | 111.52.249.29 | SSH Brute Force | HIGH | China | China Mobile communications corporation |
| 2026-07-05 19:24:22 | 31.57.184.247 | SSH Brute Force | MEDIUM | United States | VPS Dedicated LLC |
| 2026-07-05 19:23:08 | 80.94.92.128 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-07-05 19:22:19 | 198.98.56.227 | SSH Brute Force | HIGH | United States | FranTech Solutions |
| 2026-07-05 19:20:41 | 54.37.74.179 | SSH Brute Force | HIGH | France | OVH SAS |
| 2026-07-05 19:20:02 | 58.76.159.170 | SSH Brute Force | MEDIUM | South Korea | LG DACOM Corporation |
| 2026-07-05 19:20:02 | 176.53.159.198 | SSH Brute Force | CRITICAL | Türkiye | ZORNTECH WEB SOLUTIONS |
| 2026-07-05 19:20:02 | 64.226.126.224 | SSH Brute Force | HIGH | Germany | DigitalOcean, LLC |
| 2026-07-05 19:20:02 | 139.99.74.35 | SSH Brute Force | HIGH | Singapore | OVH SAS |
| 2026-07-05 19:20:02 | 195.178.110.137 | SSH Brute Force | HIGH | Bulgaria | Techoff Srv Limited |
| 2026-07-05 19:20:02 | 45.148.10.121 | SSH Brute Force | MEDIUM | The Netherlands | Techoff Srv Limited |
| 2026-07-05 19:20:02 | 193.46.255.86 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-07-05 19:20:02 | 2.57.121.112 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-07-05 19:20:02 | 176.53.159.196 | SSH Brute Force | HIGH | Türkiye | ZORNTECH WEB SOLUTIONS |
| 2026-07-05 19:20:02 | 2.57.121.25 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-07-05 19:19:18 | 182.93.50.90 | SSH Brute Force | MEDIUM | Macao | Companhia de Telecomunicacoes de Macau SARL |
| 2026-07-05 19:18:49 | 120.33.126.224 | SSH Brute Force | MEDIUM | China | Chinanet |
| 2026-07-05 19:15:49 | 80.94.92.128 | SSH Brute Force | MEDIUM | Romania | Unmanaged Ltd |
| 2026-07-05 19:15:15 | 45.227.254.170 | SSH Brute Force | HIGH | Panama | Flyservers S.A. |
| 2026-07-05 19:15:09 | 46.8.68.144 | Generic Bruteforce | MEDIUM | The Netherlands | Cgi Global Limited |
| 2026-07-05 19:15:06 | 20.24.209.4 | Web Brute Force | HIGH | Hong Kong | Microsoft Corporation |
| 2026-07-05 19:15:06 | 211.175.22.56 | Web Brute Force | HIGH | South Korea | DREAMLINE CO. |
| 2026-07-05 19:15:06 | 31.24.44.107 | Web Brute Force | HIGH | Spain | Axarnet Comunicaciones, S.l. |
| 2026-07-05 19:15:06 | 167.86.66.204 | Web Brute Force | HIGH | Germany | Contabo GmbH |
| 2026-07-05 19:15:06 | 123.253.38.54 | Web Brute Force | HIGH | Bangladesh | Rashedur Rahman t/a Onesky Communications Limited. |
| 2026-07-05 19:15:06 | 20.219.187.122 | Web Brute Force | HIGH | India | Microsoft Corporation |
| 2026-07-05 19:15:06 | 81.199.26.84 | Botnet Activity | HIGH | Germany | Clouvider Limited |
| 2026-07-05 19:15:06 | 81.199.26.72 | Botnet Activity | HIGH | Germany | Clouvider Limited |
| 2026-07-05 19:15:06 | 84.22.25.161 | Botnet Activity | HIGH | Bulgaria | Atlantis Net Ltd. |
| 2026-07-05 19:15:06 | 45.182.42.5 | Botnet Activity | HIGH | Brazil | FIBERLINK NETWORK |
| 2026-07-05 19:15:06 | 5.255.231.31 | Botnet Activity | HIGH | Russia | YANDEX LLC |
| 2026-07-05 19:15:06 | 85.203.15.10 | Botnet Activity | HIGH | Germany | Clouvider Limited |
| 2026-07-05 19:15:06 | 41.35.120.68 | Botnet Activity | HIGH | Egypt | IDDQD-AS |
| 2026-07-05 19:15:06 | 38.52.161.110 | Botnet Activity | HIGH | Dominican Republic | FASTNET SOLUTIONS SRL |
| 2026-07-05 19:15:06 | 43.246.202.47 | Botnet Activity | HIGH | Bangladesh | SKYNET CHOWMUHANI |
| 2026-07-05 19:15:06 | 196.238.48.103 | Botnet Activity | HIGH | Tunisia | Orange Tunisie |
| 2026-07-05 19:15:06 | 190.188.229.230 | Botnet Activity | HIGH | Argentina | Telecom Argentina S.A. |
| 2026-07-05 19:15:06 | 37.238.83.20 | Botnet Activity | HIGH | Iraq | Hulum Almustakbal Company for Communication Engineering and Services Ltd |
| 2026-07-05 19:15:06 | 45.178.49.195 | Botnet Activity | HIGH | Paraguay | PERES RAMOS WILLIAN (GIGABIT INTERNET) |
| 2026-07-05 19:15:06 | 85.203.15.16 | Botnet Activity | HIGH | Germany | Clouvider Limited |
| 2026-07-05 19:15:06 | 182.48.94.182 | Botnet Activity | HIGH | Bangladesh | Race Online Limited |
| 2026-07-05 19:15:06 | 181.84.157.124 | Botnet Activity | HIGH | Argentina | Telecom Argentina S.A. |
| 2026-07-05 19:15:06 | 185.244.152.133 | Botnet Activity | HIGH | Iraq | Kurdistan Net Company for Computer and Internet Ltd. |
| 2026-07-05 19:15:06 | 190.103.180.100 | Botnet Activity | HIGH | Dominican Republic | Telecable Central, S.A. |
| 2026-07-05 19:15:06 | 190.140.112.186 | Botnet Activity | HIGH | Panama | Cable Onda |
| 2026-07-05 19:15:06 | 190.49.119.43 | Botnet Activity | HIGH | Argentina | Telefonica de Argentina |
| 2026-07-05 19:15:06 | 181.191.225.235 | Botnet Activity | HIGH | Venezuela | MANGO NETWORK, C. A. MANGONET, C. A, |
Understanding Attack Types
Automated login attempts against SSH servers using common or leaked credential lists. One of the most prevalent attack vectors on internet-facing servers.
Systematic probing of network ports to identify running services and potential vulnerabilities. Often a precursor to targeted exploitation.
Serving malicious payloads via compromised or dedicated servers. Includes ransomware, trojans, information stealers, and exploit kits.
Coordination servers used to control networks of compromised machines. These IPs issue commands to infected endpoints for DDoS, spam, and data theft.
Automated credential stuffing and login attempts against web application authentication endpoints such as WordPress, cPanel, or custom login pages.
Anomalous network behavior flagged by automated detection systems. May include reconnaissance, unusual traffic patterns, or early-stage intrusion attempts.
About This Feed
This real-time threat feed aggregates data from multiple independent sources including automated intrusion detection systems, verified fail2ban reporters, curated threat intelligence lists, and community abuse databases. Each event shown here has been independently detected and reported through our threat intelligence network.
For programmatic access to this data, use the WAYSCloud API. To investigate any IP address in detail, click through to its threat intelligence report.