We are releasing a new daily IP feed of compromised IoT devices discovered in our non-HTTP scans, attacks against sensors we map to devices. Includes compromised SSH instances obtained via external sources. See: shadowserver.org/what-we-do/n...dashboard.shadowserver.org/statistics/c...

This complements our other reports such as the Compromised Website report with HTTP based detection (see shadowserver.org/what-we-do/n...) which also contains IoT devices, as well as our sinkhole and honeypot based reports. The report will be expanded with new detections in the future.