[leeter]

It's a complicated space. There are attacks on both maintained and unmaintained stacks. There are definitely attacks against windows 95/98 too because people have things like mills or other industrial automation that are powered by those OSes still connected to the internet. There is a lot of SCADA[1] too that fits that bill. It's easy to think "but why wasn't this replaced!" and the answer is almost always "cost or process certification". If the operator is lucky and has good networking folks all of this is in a very very well firewalled VLAN. But, never underestimate the amount of people that are not that savvy and just have it plugged into the internet.

For anyone saying these aren't targets, no they are probably already hacked. These are the things that keep the national security folks up at night knowing an adversary has them already backdoored and set up for take down. Moreover if they execute on that they would go for maximum damage first to either create chaos, or prevent the system from being repaired easily.

[1]https://en.wikipedia.org/wiki/SCADA#Security