If you have a pulse and work in information security (or are a new scraping script without a pulse), you have probably seen reports of attacks against VPN endpoints. Running any VPN without strong authentication has been negligent for years, but in recent times, ransomware gangs, in particular, picked them off pretty quickly.
Article Link: Brute Force Attacks Against Watchguard VPN Endpoints - SANS Internet Storm Center