Latest Cyber Attacks — Real-Time Threat Feed
Live feed of the most recent cyber attacks detected by the WAYSCloud threat intelligence network. Each entry represents an independently verified malicious event reported by automated monitoring systems and verified threat reporters. This page refreshes with new data every 5 minutes.
| Time | IP Address | Attack Type | Severity | Country | Network |
|---|---|---|---|---|---|
| 2026-04-05 22:27:51 | 92.118.39.56 | SSH Brute Force | HIGH | United States | Unmanaged Ltd |
| 2026-04-05 22:21:07 | 5.223.70.30 | SSH Brute Force | HIGH | Singapore | Hetzner Online GmbH |
| 2026-04-05 22:16:47 | 103.49.239.156 | SSH Brute Force | HIGH | Indonesia | PT Cloud Hosting Indonesia |
| 2026-04-05 22:15:50 | 5.181.87.35 | SSH Brute Force | HIGH | Türkiye | Yigit Hosting Bilisim E-Ticaret Gida Sanayi Ticaret Limited Sirketi |
| 2026-04-05 22:15:25 | 89.149.61.122 | Web Brute Force | HIGH | Romania | iNES GROUP SRL |
| 2026-04-05 22:15:25 | 91.234.6.47 | Web Brute Force | HIGH | Ukraine | Virtual Systems LLC |
| 2026-04-05 22:15:25 | 95.111.245.190 | Web Brute Force | HIGH | France | Contabo GmbH |
| 2026-04-05 22:15:25 | 83.168.78.82 | Web Brute Force | HIGH | Poland | Korbank S. A. |
| 2026-04-05 22:15:25 | 89.45.12.136 | Web Brute Force | HIGH | Romania | NexonHost Srl |
| 2026-04-05 22:15:25 | 89.32.41.150 | Web Brute Force | HIGH | Romania | Hostmaze Inc Srl-d |
| 2026-04-05 22:15:25 | 79.108.225.156 | Web Brute Force | HIGH | United States | Kamatera, Inc. |
| 2026-04-05 22:15:25 | 87.158.116.69 | Web Brute Force | HIGH | Germany | Deutsche Telekom AG |
| 2026-04-05 22:15:25 | 85.217.140.29 | Web Brute Force | HIGH | France | Modat B.V. |
| 2026-04-05 22:15:25 | 85.121.54.185 | Web Brute Force | HIGH | The Netherlands | M247 Europe SRL |
| 2026-04-05 22:15:25 | 60.204.153.115 | Web Brute Force | HIGH | China | Huawei Cloud Service data center |
| 2026-04-05 22:15:25 | 83.6.248.27 | Web Brute Force | HIGH | Poland | Orange Polska Spolka Akcyjna |
| 2026-04-05 22:15:25 | 61.231.205.110 | Web Brute Force | HIGH | Taiwan | Data Communication Business Group |
| 2026-04-05 22:15:25 | 83.233.71.202 | Web Brute Force | HIGH | Sweden | Bredband2 AB |
| 2026-04-05 22:15:25 | 57.128.218.186 | Web Brute Force | HIGH | Poland | OVH SAS |
| 2026-04-05 22:15:25 | 81.177.213.181 | Web Brute Force | HIGH | Russia | Alexhost Srl |
| 2026-04-05 22:15:25 | 80.66.87.238 | Web Brute Force | HIGH | Germany | International Hosting Company Limited |
| 2026-04-05 22:15:25 | 79.192.71.99 | Web Brute Force | HIGH | Germany | Deutsche Telekom AG |
| 2026-04-05 22:15:25 | 46.224.107.95 | Web Brute Force | HIGH | Germany | Hetzner Online GmbH |
| 2026-04-05 22:15:25 | 77.237.237.25 | Web Brute Force | HIGH | France | Contabo GmbH |
| 2026-04-05 22:15:25 | 75.119.152.24 | Web Brute Force | HIGH | France | Contabo GmbH |
| 2026-04-05 22:15:25 | 74.115.235.101 | Web Brute Force | HIGH | United States | Crown Castle Fiber LLC |
| 2026-04-05 22:15:25 | 64.31.53.170 | Web Brute Force | HIGH | United States | Limestone Networks, Inc. |
| 2026-04-05 22:15:25 | 64.23.236.187 | Web Brute Force | HIGH | United States | DigitalOcean, LLC |
| 2026-04-05 22:15:25 | 64.23.147.173 | Web Brute Force | HIGH | United States | DigitalOcean, LLC |
| 2026-04-05 22:15:25 | 62.61.136.107 | Web Brute Force | HIGH | Denmark | DKTV A/S |
| 2026-04-05 22:15:25 | 84.247.154.104 | Web Brute Force | HIGH | Japan | Contabo Asia Private Limited |
| 2026-04-05 22:15:25 | 62.171.140.68 | Web Brute Force | HIGH | Germany | Contabo GmbH |
| 2026-04-05 22:15:25 | 62.54.176.203 | Web Brute Force | HIGH | Germany | Telefonica Germany |
| 2026-04-05 22:15:25 | 60.204.157.87 | Web Brute Force | HIGH | China | Huawei Cloud Service data center |
| 2026-04-05 22:15:25 | 84.54.71.199 | Web Brute Force | HIGH | Uzbekistan | Uzbektelekom Joint Stock Company |
| 2026-04-05 22:15:25 | 60.12.103.225 | Web Brute Force | HIGH | China | CHINA UNICOM China169 Backbone |
| 2026-04-05 22:15:25 | 58.251.254.247 | Web Brute Force | HIGH | China | China Unicom Shenzen network |
| 2026-04-05 22:15:25 | 57.128.245.106 | Web Brute Force | HIGH | Poland | OVH SAS |
| 2026-04-05 22:15:25 | 90.188.113.47 | Web Brute Force | HIGH | Russia | Rostelecom |
| 2026-04-05 22:15:25 | 51.79.50.128 | Web Brute Force | HIGH | Canada | OVH SAS |
| 2026-04-05 22:15:25 | 51.254.132.0 | Web Brute Force | HIGH | France | OVH SAS |
| 2026-04-05 22:15:25 | 51.210.12.40 | Web Brute Force | HIGH | France | OVH SAS |
| 2026-04-05 22:15:25 | 5.35.114.115 | Web Brute Force | HIGH | Russia | Lovitel LLC |
| 2026-04-05 22:15:25 | 5.129.213.15 | Web Brute Force | HIGH | The Netherlands | Timeweb, LLP |
| 2026-04-05 22:15:25 | 49.228.96.167 | Web Brute Force | HIGH | Thailand | AIS Fibre |
| 2026-04-05 22:15:25 | 46.224.111.239 | Web Brute Force | HIGH | Germany | Hetzner Online GmbH |
| 2026-04-05 22:15:25 | 91.107.218.229 | Web Brute Force | HIGH | Germany | Hetzner Online GmbH |
| 2026-04-05 22:15:25 | 45.66.228.237 | Web Brute Force | HIGH | Germany | Play2go International Limited |
| 2026-04-05 22:15:25 | 43.167.212.236 | Web Brute Force | HIGH | Japan | Tencent Building, Kejizhongyi Avenue |
| 2026-04-05 22:15:25 | 95.215.8.165 | Web Brute Force | HIGH | The Netherlands | Baykov Ilya Sergeevich |
Understanding Attack Types
Automated login attempts against SSH servers using common or leaked credential lists. One of the most prevalent attack vectors on internet-facing servers.
Systematic probing of network ports to identify running services and potential vulnerabilities. Often a precursor to targeted exploitation.
Serving malicious payloads via compromised or dedicated servers. Includes ransomware, trojans, information stealers, and exploit kits.
Coordination servers used to control networks of compromised machines. These IPs issue commands to infected endpoints for DDoS, spam, and data theft.
Automated credential stuffing and login attempts against web application authentication endpoints such as WordPress, cPanel, or custom login pages.
Anomalous network behavior flagged by automated detection systems. May include reconnaissance, unusual traffic patterns, or early-stage intrusion attempts.
About This Feed
This real-time threat feed aggregates data from multiple independent sources including automated intrusion detection systems, verified fail2ban reporters, curated threat intelligence lists, and community abuse databases. Each event shown here has been independently detected and reported through our threat intelligence network.
For programmatic access to this data, use the WAYSCloud API. To investigate any IP address in detail, click through to its threat intelligence report.