diff --git a/modules/security/bot-analyzer.sh b/modules/security/bot-analyzer.sh
index b0e23f9..d93eb8a 100755
--- a/modules/security/bot-analyzer.sh
+++ b/modules/security/bot-analyzer.sh
@@ -2128,7 +2128,7 @@ generate_comparison_report() {
         # Track repeat attackers
         local repeat_attackers=0
         if [ -f "$history_dir/known_attackers_${yesterday}.txt" ]; then
-            repeat_attackers=$(grep -Fx -f <(awk -F'|' '$1 >= 70 {print $2}' "$TEMP_DIR/threat_scores.txt" 2>/dev/null) "$history_dir/known_attackers_${yesterday}.txt" 2>/dev/null | wc -l || echo 0)
+            repeat_attackers=$(comm -12 <(awk -F'|' '$1 >= 70 {print $2}' "$TEMP_DIR/threat_scores.txt" 2>/dev/null | sort -u) <(sort -u "$history_dir/known_attackers_${yesterday}.txt") 2>/dev/null | wc -l || echo 0)
             if [ "$repeat_attackers" -gt 0 ]; then
                 echo -e "${RED}🔄 REPEAT ATTACKERS: $repeat_attackers IPs from yesterday${NC}"
             fi