In real projects, yeah, same here on a couple WP installs. It’s usually not “spike in real users,” it’s just some bot junk hitting whatever’s easiest. What’s annoying is when it’s both comments and registrations at once — that usually means they found an endpoint they can keep poking. I’ve seen it keep going even after cleaning the spam because the actual door was still open somewhere. Honestly half the time it’s some plugin stack being sloppy, not the whole site “getting targeted” in some dramatic way. But yeah, it’s been worse the last few days for me too.
ToolDecision
Tools, compared and explained
ToolDecision
Tools, compared and explained