Opportunistic attackers scanning for common web application vulnerabilities - Financial criminals targeting payment data and PII - Competitors engaging in scraping or denial-of-service (unlikely but possible) - Disgruntled former employees with knowledge of the codebase