The cybersecurity experts at Wordfence have been tracking cybersecurity attacks, particularly malicious login attempts against WordPress sites. They have created a blacklist of IP addresses that they believe are at the root of the security breaches.
The 40 IP addresses, however, have been on the Wordfence blocklist since the end of 2020 and have each sent out over 1 Million malicious login attempts since November 17, 2021:
AWS, or Amazon Web Services, makes it simple to access its cloud services, hackers are taking advantage of this vulnerability, causing a steep increase in these breaches. The best way to prevent such threats is by using Wordfence premium services, which they state will automatically block the malicious attempts by any of the IPs listed above. Also, using two-factor authentification helps against fraudulent log-in attempts and keeps your WordPress site safe. Currently, about 40% of the websites on the web are powered by WordPress.