Cybersecurity Researchers Uncover Surge in Malicious Activities from Russian Hosting Provider

Cybersecurity researchers have revealed an increase in "mass scans, brute-force password attempts, and exploitations" originating from IP addresses associated with a Russian hosting service provider named Proton66. This activity, detected since January 8, 2025, targeted organizations worldwide, according to a two-part analysis published by Trustwave SpiderLabs last week. The attacks utilized mass scanning techniques, brute-force password attempts, and exploitation of vulnerabilities to compromise the systems of the targeted organizations.