A sequence of login failures in logs indicates what type of attack?

The pattern of multiple login failures typically indicates a dictionary attack. In this scenario, an attacker attempts to gain unauthorized access to a system by trying a series of valid usernames combined with a large set of common passwords. The attacker relies on the fact that many users still use weak or commonly known passwords, such as those you would find in a "dictionary" of common words or phrases.

When observing sequences of failed login attempts, it is often indicative of the attacker methodically testing multiple potential passwords against a known username until they successfully gain access. This behavior is specifically associated with dictionary attacks, as opposed to brute force attacks that might test every possible combination of characters, which is usually less methodical and can result in an extensive number of login failures in a relatively short period.

While other types of attacks like phishing or man-in-the-middle involve different tactics that do not typically manifest as login failures, the specific nature of dictionary attacks is rooted in the sequential testing of known passwords, making them the best fit for the context of the question.