Weekly Report for 2026-06-01 to 2026-06-08

STIX2 Threat Intelligence Feeds (52,773 indicators this week)

Weekly Intelligence Summary

56.2KAttacking IPs This Week
178Source Countries
1.8KPhishing Domains
29.6KProxy/Anon IPs
1.4KWeb Exploit Events
15CVEs Exploited
952OpenCLAW Events

Weekly Comparison

Attacks by Destination

Attacks By Country & ASN

Attacks By Protocol

SSH (26,372 IPs)

FTP (68 IPs)

SIP (152 IPs)

TELNET (815 IPs)

MSSQL (278 IPs)

MYSQL (71 IPs)

REDIS (307 IPs)

Phishing Domains by Category

Top SSH Bruteforce Usernames

Infrastructure Analysis

Tor Exit Nodes

No data available.

Infrastructure Type

No data available.

Anonymous Proxy Hosts (29,555 total)

Web Exploit Detection Summary

1.4KExploit Events
196Unique Attacker IPs
42Rules Triggered
15CVEs Observed
SourceRuleEventsUnique IPsCVEs
ETET WEB_SERVER Suspected FOXSHELL Variant Webshell Activity48967
ETET WEB_SERVER Suspected FOXSHELL Variant Webshell Activity48967
LOCALLOCAL OpenWRT Luci CGI RCE Attempt (CVE-2023-1389)2323CVE-2023-1389
ETET SCAN WordPress Scanner Performing Multiple Requests to Windows Live Writer XML15512
LOCALLOCAL Spring Boot Actuator Sensitive Endpoint Probe9115
ETET WEB_SERVER WEB-PHP phpinfo access8215CVE-2002-1149
ETET WEB_SPECIFIC_APPS Rails Arbitrary File Disclosure Attempt5726CVE-2019-5418
ETET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt5126
LOCALLOCAL AWS Credentials File Grab Attempt3222
ETET WEB_SERVER Possible DROP SQL Injection Attempt2713
ETET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M22626CVE-2021-41773
ETET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M22525CVE-2021-42013
ETET WEB_SERVER Possible CREATE SQL Injection Attempt in URI2524
LOCALLOCAL PHP Source Backup File Grab Attempt2213
ETET WEB_SERVER WebShell Generic - wget http - POST1710
ETET WEB_SERVER Possible SQL Injection Obfuscated by REVERSE function in HTTP Request Body173
ETET WEB_SERVER Possible SQL injection obfuscated via REVERSE function in HTTP URI173
ETET SCAN NETWORK Outgoing Masscan detected156
ETET SCAN NETWORK Incoming Masscan detected156
ETGPL WEB_SERVER .htpasswd access1210

CVE Exploitation Activity

CVE-2023-1389 CVE-2002-1149 CVE-2019-5418 CVE-2021-41773 CVE-2021-42013 CVE-2021-22005 CVE-2021-26855 CVE-2021-22893 CVE-2021-31207 CVE-2019-0193 CVE-2024-21887 CVE-2020-5902 CVE-2024-3400 CVE-2022-22274 CVE-2023-0656

OpenCLAW Dashboard Intelligence

952Total Events
41Unique Attackers
8Days Active

Attack Types

TypeCountShare
generic-probe1,24399.8%
admin-scan20.2%

Severity Distribution

SeverityCountPercentage
medium20.2%
low1,24399.8%
Share on: