Cyber Threat Trends

Summary: 2025/05/02 23:59

First reported date: 2014/09/11
Inquiry period : 2025/04/02 23:59 ~ 2025/05/02 23:59 (1 months), 10 search results

전 기간대비 90% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 CMS Exploit 입니다.
악성코드 유형 Anchor 도 새롭게 확인됩니다.
공격기술 RCE Remote Code Execution XSS 도 새롭게 확인됩니다.
기관 및 기업 France 도 새롭게 확인됩니다.
기타 Craft ZeroDay attack Vulnerability Critical 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
ㆍ 2025/04/29 Intrusions chaining critical Craft CMS zero-days ongoing
ㆍ 2025/04/28 Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	CMS	10	▲ 9 (90%)
2	Craft	5	▲ new
3	ZeroDay	5	▲ new
4	attack	4	▲ new
5	Exploit	3	▲ 2 (67%)
6	Vulnerability	2	▲ new
7	RCE	2	▲ new
8	Critical	2	▲ new
9	Remote	2	▲ new
10	Threat	1	▲ new
11	France	1	▲ new
12	securityaffairs	1	- 0 (0%)
13	hacking	1	- 0 (0%)
14	wild	1	▲ new
15	Game	1	▲ new
16	httpstcooI	1	▲ new
17	Access	1	▲ new
18	MWNEWS	1	▲ new
19	Hosting	1	▲ new
20	CVSS	1	▲ new
21	flaw	1	▲ new
22	Flaws	1	▲ new
23	Malware	1	- 0 (0%)
24	Remote Code Execution	1	▲ new
25	CVE	1	▲ new
26	image	1	▲ new
27	Anchor	1	▲ new
28	Authenticated	1	▲ new
29	Code	1	▲ new
30	UNA	1	▲ new
31	PHP	1	▲ new
32	Object	1	▲ new
33	Injection	1	▲ new
34	XSS	1	▲ new
35	risk	1	▲ new
36	Stored	1	▲ new
37	Cross	1	▲ new
38	Site	1	▲ new
39	chain	1	▲ new
40	Alert	1	▲ new
41	WBCE	1	▲ new
42	Allows	1	▲ new
43	Java	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Anchor		1 (100%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		3 (37.5%)
RCE		2 (25%)
hacking		1 (12.5%)
Remote Code Execution		1 (12.5%)
XSS		1 (12.5%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
France		1 (100%)

Threat info

Last 5

SNS

(Total : 5)

Total keyword

ZeroDay RCE Exploit attack hacking France Attacker Vulnerability CVE Java

No	Title	Date
1	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???????????? Game Server Hosting Platform Access (France) Access to a game server hosting platform CMS with phpMyAdmin root access including full JavaScript injection possible. ???? CMS: WHMCS ???? Location: France ???? Topic: FiveM, Minecraft, CS, VPS + Web Hosting ???? DB Includes: Full https://	2025.04.29
2	The Hacker News @TheHackersNews ???? 13,000+ sites at risk. Hackers are actively exploiting 2 zero-days in Craft CMS, hitting servers via image tools. One flaw scores 10.0 CVSS—worst possible. Nearly 300 sites likely breached already. Watch for POST hits to "/actions/assets/generate-transform" ???? Details: https://t.co/26th3b4	2025.04.28
3	Pierluigi Paganini - Security Affairs @securityaffairs Attackers chained #Craft #CMS zero-days attacks in the wild https://t.co/oI6a4hnLmZ #securityaffairs #hacking	2025.04.28
4	Hunter @HunterMapping ????Alert???? CVE-2025-32432:Craft CMS Allows Remote Code Execution ????EXP : https://t.co/SjQRk5TZLC ????997.9K+ Services are found on the https://t.co/ysWb28Crld yearly. ????Hunter Link:https://t.co/CF2MvxksAI ????Query HUNTER : https://t.co/q9rtuGgxk7="Craft CMS" FOFA https://t.co/GgDFwrqpRx	2025.04.27
5	BleepingComputer @BleepinComputer Craft CMS RCE exploit chain used in zero-day attacks to steal data - @LawrenceAbrams https://t.co/kGAO16u6bX https://t.co/kGAO16u6bX	2025.04.25

News

(Total : 5)

Total keyword

attack ZeroDay Remote Code Execution Malware Exploit CVSS Vulnerability XSS Anchor

No	Title	Date
1	Intrusions chaining critical Craft CMS zero-days ongoing - Malware.News	2025.04.29
2	Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised - The Hacker News	2025.04.28
3	[webapps] Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS) - Exploit-DB.com	2025.04.09
4	[webapps] UNA CMS 14.0.0-RC - PHP Object Injection - Exploit-DB.com	2025.04.08
5	[webapps] WBCE CMS 1.6.3 - Authenticated Remote Code Execution (RCE) - Exploit-DB.com	2025.04.06

Additional information

No	Title	Date
1	Amazon, Apple Show Big Tech Not Immune From Tariff Pain - Bloomberg Technology	2025.05.02
2	SKT 해킹 배후에 중국 그림자?.. 악명 떨치는 중국계 해킹 조직들 - 시큐리티팩트	2025.05.02
3	MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks - The Hacker News	2025.05.02
4	xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs - Malware.News	2025.05.02
5	Top NSC official wants to normalize offensive hacking as tool of US might - Malware.News	2025.05.02
View only the last 5

No	Title	Date
1	CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks - The Hacker News	2025.02.21
2	CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors - The Hacker News	2025.01.31
3	Joomla! vulnerability is being actively exploited - Palada	2024.01.14
4	Joomla! vulnerability is being actively exploited - Malwarebytes	2024.01.13
5	Money Matters: CMS CIO Pushkal Tenjerla on digital revolution in cash management systems - CIO Security	2023.08.17
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.