Latest Cyber Attacks — Real-Time Threat Feed
Live feed of the most recent cyber attacks detected by the WAYSCloud threat intelligence network. Each entry represents an independently verified malicious event reported by automated monitoring systems and verified threat reporters. This page refreshes with new data every 5 minutes.
| Time | IP Address | Attack Type | Severity | Country | Network |
|---|---|---|---|---|---|
| 2026-05-05 10:07:27 | 119.28.9.170 | SSH Brute Force | MEDIUM | Hong Kong | Tencent Building, Kejizhongyi Avenue |
| 2026-05-05 10:07:08 | 112.164.20.69 | SSH Brute Force | HIGH | South Korea | Korea Telecom |
| 2026-05-05 10:06:38 | 80.94.92.177 | SSH Brute Force | HIGH | Romania | Unmanaged Ltd |
| 2026-05-05 10:04:56 | 210.79.142.221 | SSH Brute Force | HIGH | Indonesia | PT Gayatri Lintas Nusantara |
| 2026-05-05 10:04:05 | 2.57.122.177 | SSH Brute Force | MEDIUM | Romania | Unmanaged Ltd |
| 2026-05-05 10:03:06 | 103.170.173.26 | SSH Brute Force | HIGH | Bangladesh | AG Communication |
| 2026-05-05 10:00:25 | 222.182.123.248 | Aggregated Threat | HIGH | China | Chinanet |
| 2026-05-05 10:00:25 | 222.214.223.46 | Aggregated Threat | HIGH | China | Chinanet |
| 2026-05-05 10:00:25 | 223.85.101.59 | Aggregated Threat | HIGH | China | China Mobile Communications Group Co., Ltd. |
| 2026-05-05 10:00:25 | 223.91.110.157 | Aggregated Threat | HIGH | China | Henan Mobile Communications Co.,Ltd |
| 2026-05-05 10:00:25 | 216.36.87.103 | Aggregated Threat | HIGH | United States | GTT Communications Inc. |
| 2026-05-05 10:00:25 | 213.172.155.107 | Aggregated Threat | HIGH | South Africa | Hero-Telecoms |
| 2026-05-05 10:00:25 | 212.53.246.162 | Aggregated Threat | HIGH | Germany | PURtel.com GmbH |
| 2026-05-05 10:00:25 | 222.162.107.57 | Aggregated Threat | HIGH | China | CHINA UNICOM China169 Backbone |
| 2026-05-05 10:00:25 | 217.247.218.230 | Aggregated Threat | HIGH | Germany | Deutsche Telekom AG |
| 2026-05-05 10:00:25 | 223.198.160.105 | Aggregated Threat | HIGH | China | Chinanet |
| 2026-05-05 10:00:25 | 218.71.47.39 | Aggregated Threat | HIGH | China | Chinanet |
| 2026-05-05 10:00:25 | 206.135.170.70 | Aggregated Threat | HIGH | Pakistan | Cyber Internet Services Pvt Ltd. |
| 2026-05-05 10:00:25 | 202.67.45.36 | Aggregated Threat | HIGH | Indonesia | INDOSAT Internet Network Provider |
| 2026-05-05 10:00:25 | 217.196.48.73 | Aggregated Threat | HIGH | United States | Hostinger International Limited |
| 2026-05-05 10:00:25 | 217.76.76.142 | Aggregated Threat | HIGH | Kazakhstan | Mobile Telecom-Service LLP |
| 2026-05-05 10:00:25 | 217.60.241.43 | Aggregated Threat | HIGH | Iran | Pfcloud UG (haftungsbeschrankt) |
| 2026-05-05 10:00:25 | 164.92.160.156 | Aggregated Threat | HIGH | Germany | DigitalOcean, LLC |
| 2026-05-05 10:00:25 | 213.199.42.168 | Aggregated Threat | HIGH | France | Contabo GmbH |
| 2026-05-05 10:00:25 | 222.89.217.163 | Aggregated Threat | HIGH | China | Chinanet |
| 2026-05-05 10:00:25 | 213.34.104.91 | Aggregated Threat | HIGH | The Netherlands | Vodafone Libertel B.V. |
| 2026-05-05 10:00:25 | 206.189.12.120 | Aggregated Threat | HIGH | The Netherlands | DigitalOcean, LLC |
| 2026-05-05 10:00:25 | 211.203.13.209 | Aggregated Threat | HIGH | South Korea | SK Broadband Co Ltd |
| 2026-05-05 10:00:25 | 209.198.140.157 | Aggregated Threat | HIGH | The Netherlands | Space Exploration Technologies Corporation |
| 2026-05-05 10:00:25 | 209.90.232.249 | Aggregated Threat | HIGH | United States | Wowrack.com |
| 2026-05-05 10:00:25 | 222.137.162.64 | Aggregated Threat | HIGH | China | CHINA UNICOM China169 Backbone |
| 2026-05-05 10:00:25 | 207.32.217.239 | Aggregated Threat | HIGH | United States | 1GSERVERS, LLC |
| 2026-05-05 10:00:25 | 209.38.111.231 | Aggregated Threat | HIGH | The Netherlands | DigitalOcean, LLC |
| 2026-05-05 10:00:25 | 206.135.170.88 | Aggregated Threat | HIGH | Pakistan | Cyber Internet Services Pvt Ltd. |
| 2026-05-05 10:00:25 | 222.140.185.60 | Aggregated Threat | HIGH | China | CHINA UNICOM China169 Backbone |
| 2026-05-05 10:00:25 | 206.135.161.250/31 | Aggregated Threat | HIGH | — | — |
| 2026-05-05 10:00:25 | 203.150.169.211 | Aggregated Threat | HIGH | Thailand | Internet Thailand Company Limited |
| 2026-05-05 10:00:25 | 202.92.122.123 | Aggregated Threat | HIGH | Australia | TPG Telecom Limited |
| 2026-05-05 10:00:25 | 223.199.173.116 | Aggregated Threat | HIGH | China | Chinanet |
| 2026-05-05 10:00:25 | 202.8.43.5 | Aggregated Threat | HIGH | United States | Ahrefs Pte Ltd |
| 2026-05-05 10:00:25 | 201.113.218.157 | Aggregated Threat | HIGH | Mexico | UNINET |
| 2026-05-05 10:00:25 | 200.195.48.251 | Aggregated Threat | HIGH | Brazil | V tal |
| 2026-05-05 10:00:25 | 200.106.160.80 | Aggregated Threat | HIGH | Brazil | BHNET FIBRA TELECOMUNICACOES LTDA |
| 2026-05-05 10:00:25 | 199.244.88.224/31 | Aggregated Threat | HIGH | — | — |
| 2026-05-05 10:00:25 | 164.90.236.194 | Aggregated Threat | HIGH | Germany | DigitalOcean, LLC |
| 2026-05-05 10:00:25 | 164.92.153.170 | Aggregated Threat | HIGH | The Netherlands | DigitalOcean, LLC |
| 2026-05-05 10:00:25 | 223.204.181.15 | Aggregated Threat | HIGH | Thailand | Triple T Broadband Public Company Limited |
| 2026-05-05 10:00:25 | 164.92.170.249 | Aggregated Threat | HIGH | Germany | DigitalOcean, LLC |
| 2026-05-05 10:00:25 | 165.22.4.213 | Aggregated Threat | HIGH | United States | DigitalOcean, LLC |
| 2026-05-05 10:00:25 | 2001:67c:e60:c0c:192:42:116:44 | Aggregated Threat | HIGH | The Netherlands | Church of Cyberology |
Understanding Attack Types
Automated login attempts against SSH servers using common or leaked credential lists. One of the most prevalent attack vectors on internet-facing servers.
Systematic probing of network ports to identify running services and potential vulnerabilities. Often a precursor to targeted exploitation.
Serving malicious payloads via compromised or dedicated servers. Includes ransomware, trojans, information stealers, and exploit kits.
Coordination servers used to control networks of compromised machines. These IPs issue commands to infected endpoints for DDoS, spam, and data theft.
Automated credential stuffing and login attempts against web application authentication endpoints such as WordPress, cPanel, or custom login pages.
Anomalous network behavior flagged by automated detection systems. May include reconnaissance, unusual traffic patterns, or early-stage intrusion attempts.
About This Feed
This real-time threat feed aggregates data from multiple independent sources including automated intrusion detection systems, verified fail2ban reporters, curated threat intelligence lists, and community abuse databases. Each event shown here has been independently detected and reported through our threat intelligence network.
For programmatic access to this data, use the WAYSCloud API. To investigate any IP address in detail, click through to its threat intelligence report.