🤖 AI-Generated Analysis
Threat Analysis Blog

Daily threat intelligence analysis generated by a local AI model running on the same Raspberry Pi 5 that operates the honeypots. No data leaves the device.

Monday, 4 May 2026 💀 critical

Honeypot Threat Analysis — May 4, 2026

Critical severity persists — Sunday scanning operations maintain 2,000+ SSH connections with Go-based automated tooling on the web front.

🌍 136 IPs ⚡ 6,305 events 🤖 antigravity 📊 Data report →
ssh-brute-forcehoneypotweb-scanningmulti-protocolthreat-intelligence
Sunday, 3 May 2026 💀 critical

Honeypot Threat Analysis — May 3, 2026

Weekend attacks maintain critical levels — 1,985 SSH connections and IoT exploitation attempts via Hikvision and MikroTik vectors.

🌍 136 IPs ⚡ 6,305 events 🤖 antigravity 📊 Data report →
ssh-brute-forcehoneypotweb-scanningmulti-protocoliot-targetingthreat-intelligence
Saturday, 2 May 2026 💀 critical

Honeypot Threat Analysis — May 2, 2026

Sustained critical-level attacks — consistent 2,000+ SSH attempts and MikroTik reconnaissance commands dominate post-auth activity.

🌍 137 IPs ⚡ 6,313 events 🤖 antigravity 📊 Data report →
ssh-brute-forcehoneypotweb-scanningmulti-protocolhigh-severitythreat-intelligence
Friday, 1 May 2026 💀 critical

Honeypot Threat Analysis — May 1, 2026

Labour Day brings no rest for attackers — 1,993 SSH connections, 4,235 multi-protocol events, and Hikvision camera exploits detected.

🌍 137 IPs ⚡ 6,313 events 🤖 antigravity 📊 Data report →
ssh-brute-forcehoneypotweb-scanningmulti-protocolhigh-severitythreat-intelligence
Thursday, 30 April 2026 💀 critical

Honeypot Threat Analysis — April 30, 2026

Critical — nearly 2,000 SSH connections, 4,235 OpenCanary events, and 85 Galah requests. MikroTik router scanning detected.

🌍 137 IPs ⚡ 6,314 events 🤖 antigravity 📊 Data report →
ssh-brute-forcehoneypotweb-scanningmulti-protocolhigh-severitythreat-intelligence
Wednesday, 29 April 2026 💀 critical

Honeypot Threat Analysis — April 29, 2026

Critical severity continues — 2,064 SSH connections with 359 commands. Galah web scanning resumes with 76 requests.

🌍 135 IPs ⚡ 2,802 events 🤖 antigravity 📊 Data report →
ssh-brute-forcehoneypotweb-scanningmulti-protocolhigh-severitythreat-intelligence
Tuesday, 28 April 2026 💀 critical

Honeypot Threat Analysis — April 28, 2026

CRITICAL — 7,919 OpenCanary events in one day, the largest multi-protocol attack ever recorded. 1,926 SSH connections with 326 commands.

🌍 103 IPs ⚡ 9,845 events 🤖 antigravity 📊 Data report →
ssh-brute-forcehoneypotmulti-protocolhigh-severitythreat-intelligence