I released a diary [1] on April 29, 2025, concerning scanning activities targeting SonicWall, and since that publication, this activity has escalated tenfold. In the last two weeks, numerous BACS students have noted activities associated with SonicWall scans, all linked to the identical two URLs [4][5] previously referenced in my earlier diary. During this time frame, my personal DShield sensor was queried by 25 distinct IPs. The three most frequently active IPs originated from the same subnet – 141.98.80.0/24.