I’ve asked elsewhere what threat models DNSSEC is solving for me.

Where are all the attacks happening targeting sites that don’t use DNSSEC?