French-hosted IP address 85.217.140.9 conducted a sustained 7-day campaign targeting Kubernetes dashboards and FortiGate infrastructure with 148 attack events between March 4-11, 2026. Assessment indicates HIGH threat level based on maximum AbuseIPDB score and active exploitation attempts against cr…
IP address 66.132.153.127 conducted an 11-day reconnaissance campaign from March 1-12, 2026, targeting Fortinet appliances and SMTP services with 141 recorded events. The threat actor demonstrates medium-severity scanning behavior focused on network infrastructure enumeration. Organizations should …
External IP address 3.134.216.108 conducted sustained multi-protocol reconnaissance against network infrastructure over 30 days, targeting SMB, Fortinet devices, and multiple other services. This HIGH-risk activity demonstrates systematic network mapping behavior consistent with pre-attack reconnai…
Romanian-based threat actor 193.46.255.147 conducted a sophisticated multi-protocol reconnaissance campaign targeting industrial control systems, network infrastructure, and IoT devices over a 14-hour period from March 9-10, 2026. The campaign demonstrates advanced capabilities across Modbus, S7com…