Re: "Incidents" or "reports of incidents"?
The kind of scenario where luser installs Apache web server, sees Apache default page or error page, and sends a very angry and incoherent complaint to Apache about having hacked them.
Oh gods, I thought I'd managed to bury that memory, but this happened to us.
We were setting up a new site on a dedicated server for a client (large well-known commercial property developer) and we hadn't yet put the bindings in place for the domain, but they managed their own DNS and had set up the A record and publicised it internally.
Cue panicked emails, then phone calls from the Digital Marketing team that they had been hacked by "The Apache" hacker collective...
Not one of them had even bothered to actually read what it says on the Apache default page:
"If you're seeing this page through a web browser, it means you have set up Apache successfully."