Still increasing. Do updating you WordPress ASAP. I read some articles and also got an email about this from my ISP. So I’m writing this.
Yesterday, Security Next told us some IP addresses about attackers. I checked up on my log last night. I found an access from one of questionable IP addresses, which was on February 6. It caused 500 error on my server. Maybe because my WordPress was already version 4.7.2 at this point.
Its user-agent is python-requests/2.11.1 and its destination is /wp-json/wp/v2/posts/.
WordPress 4.7.2 was released more than a week ago, and WordPress has an auto-update feature enabled by default, along with an easy manual update process. Despite this, this situation. It’s indeed disappointing.