Cyber Threat Trends

Summary: 2025/04/19 11:19

First reported date: 2015/09/03
Inquiry period : 2025/03/20 11:19 ~ 2025/04/19 11:19 (1 months), 62 search results

전 기간대비 34% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 CVSS Vulnerability Exploit Update CVE 입니다.
공격자 UNC5221 도 새롭게 확인됩니다.
공격기술 Hijacking 도 새롭게 확인됩니다.
기관 및 기업 Apple Germany Mandiant Check Point 도 새롭게 확인됩니다.
기타 Kubernetes Ingress Patches Android NGINX 등 신규 키워드도 확인됩니다.

System은 컴퓨터 시스템 보안 취약점의 심각도를 평가하기 위한 무료 공개 산업 표준입니다. CVSS는 취약성에 심각도 점수를 할당하여 대응자가 위협에 따라 대응 및 리소스의 우선 순위를 지정할 수 있도록 합니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/19 When Vulnerability Information Flows are Vulnerable Themselves
    ㆍ 2025/04/18 CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
    ㆍ 2025/04/17 Strengthening Zero Trust Security with Expert Penetration Testing

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	CVSS	62	▲ 21 (34%)
2	Vulnerability	61	▲ 20 (33%)
3	Exploit	42	▲ 14 (33%)
4	Update	38	▲ 13 (34%)
5	CVE	24	▲ 3 (13%)
6	Malware	22	▲ 4 (18%)
7	attack	17	▲ 4 (24%)
8	Report	17	▲ 7 (41%)
9	target	15	▲ 4 (27%)
10	Software	15	▲ 8 (53%)
11	Remote Code Execution	14	▼ -6 (-43%)
12	RCE	13	▲ 11 (85%)
13	Critical	12	▲ 5 (42%)
14	United States	12	▲ 8 (67%)
15	intelligence	10	▼ -1 (-10%)
16	CISA	10	▼ -1 (-10%)
17	flaw	8	▲ 6 (75%)
18	Advertising	8	▼ -2 (-25%)
19	Windows	7	▼ -1 (-14%)
20	Java	6	▲ 5 (83%)
21	ZeroDay	6	- 0 (0%)
22	Kubernetes	6	▲ new
23	Microsoft	5	▼ -3 (-60%)
24	Alert	5	- 0 (0%)
25	Backdoor	5	▲ 3 (60%)
26	Campaign	5	▲ 2 (40%)
27	plugin	5	▲ 3 (60%)
28	WordPress	5	▲ 2 (40%)
29	Password	5	▲ 4 (80%)
30	Wordfence	4	▲ 2 (50%)
31	Linux	4	- 0 (0%)
32	Apple	4	▲ new
33	Google	4	▲ 2 (50%)
34	Ingress	4	▲ new
35	Operation	4	▼ -2 (-50%)
36	Ransomware	4	- 0 (0%)
37	Patches	3	▲ new
38	GitHub	3	▲ 1 (33%)
39	Android	3	▲ new
40	Supply chain	3	▲ 1 (33%)
41	Fortinet	3	▲ 2 (67%)
42	China	3	▲ 2 (67%)
43	NGINX	3	▲ new
44	Cisco	3	▼ -2 (-67%)
45	UNC5221	3	▲ new
46	CentreStack	3	▲ new
47	DDoS	3	▲ 1 (33%)
48	VMware	3	▲ 1 (33%)
49	js	3	▲ new
50	Next	3	▲ new
51	Apache	3	▲ 2 (67%)
52	DarkWeb	3	- 0 (0%)
53	Victim	3	▲ 1 (33%)
54	ingressnginx	2	▲ new
55	Full	2	▲ new
56	Germany	2	▲ new
57	Roller	2	▲ new
58	Middleware	2	▲ new
59	Warns	2	▲ new
60	GameoverP2P	2	▼ -1 (-50%)
61	Router	2	▲ 1 (50%)
62	MacOS	2	▲ 1 (50%)
63	XSS	2	▲ 1 (50%)
64	Mandiant	2	▲ new
65	hijack	2	- 0 (0%)
66	Cryptographic key	2	▲ new
67	Hijacking	2	▲ new
68	Docker	2	▲ new
69	CVEs	2	▲ new
70	공격	2	▲ new
71	file	2	▲ 1 (50%)
72	Active	2	▲ new
73	Ivanti	2	▲ new
74	access	2	▲ new
75	SonicWall	2	▲ 1 (50%)
76	Oracle	2	▲ 1 (50%)
77	Backup	2	▲ new
78	Veeam	2	▲ new
79	Firmware	2	▲ 1 (50%)
80	Government	2	- 0 (0%)
81	MFA	2	- 0 (0%)
82	Remote	2	- 0 (0%)
83	SSH	2	▲ new
84	Broadcom	2	▲ 1 (50%)
85	Check Point	2	▲ new
86	SMA	2	▲ new
87	RATel	2	▼ -1 (-50%)
88	DYEPACK	2	▼ -1 (-50%)
89	Controller	2	▲ new
90	session	1	- 0 (0%)
91	Trust	1	▲ new
92	iOS	1	▲ new
93	Tomcat	1	- 0 (0%)
94	Flaws	1	▼ -1 (-100%)
95	SureTriggers	1	▲ new
96	Zero	1	▲ new
97	FortiSwitch	1	▲ new
98	MachineKey	1	▲ new
99	AiCloud	1	▲ new
100	HardCoded	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		4 (36.4%)
GameoverP2P		2 (18.2%)
RATel		2 (18.2%)
DYEPACK		2 (18.2%)
MeshAgent		1 (9.1%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
UNC5221		3 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		42 (47.2%)
Remote Code Execution		14 (15.7%)
RCE		13 (14.6%)
Backdoor		5 (5.6%)
Campaign		5 (5.6%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
United States		12 (22.2%)
CISA		10 (18.5%)
Microsoft		5 (9.3%)
Apple		4 (7.4%)
Google		4 (7.4%)

Threat info

Last 5

SNS

(Total : 18)

Total keyword

CVSS Vulnerability CVE Update Exploit Attacker RCE ZeroDay Password Malware MeshAgent Report Docker Telegram attack powershell CISA Firmware Cisco Fortinet VMware Windows Kubernetes Apple UNC5221 Safari hijack iPhone Hijacking Java Mandiant China iCloud

No	Title	Date
1	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????ASUS AiCloud Vulnerability (CVE-2025-2492) Enables Remote Function Execution via Authentication Bypass CVSS Score: 9.2 https://t.co/0YofUq1hWX	2025.04.18
2	The Hacker News @TheHackersNews ???? Actively Exploited SonicWall Flaw Hits CISA’s KEV List. Remote attackers can execute code via SMA 100 Series bug (CVE-2021-20035, CVSS 7.2). ➡️ Injects OS commands as ‘nobody’ user ➡️ Impacts SMA 200–500v on outdated firmware ➡️ FCEB agencies must patch by May 7, 2025 Your https://t.co/U3Xbw	2025.04.17
3	The Hacker News @TheHackersNews ???? CVSS 10.0 ALERT: Remote Code Execution in Erlang/OTP SSH (CVE-2025-32433) No auth. Full control. Widespread impact. Used in Cisco, Ericsson, OT/IoT, and edge systems, this bug lets attackers run code without logging in. If SSH runs as root? Game over. ???? ???? Full details → https://t.co/K	2025.04.17
4	Hunter @HunterMapping ????Alert???? CVE-2025-32433 (CVSS 10): Critical SSH Flaw Allows Unauthenticated RCE in Erlang/OTP.It affects versions prior to OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20 ????490K+ Services are found on the https://t.co/ysWb28Crld yearly. ????Hunter Link:https://t.co/NhdSN1rRIh ????Query https://t	2025.04.17
5	The Hacker News @TheHackersNews ???? Alert — A 9.0 CVSS flaw in Gladinet’s CentreStack also affects Triofox—both used for remote access. Attackers exploited it as a zero-day in March, hitting 7 orgs by April 11. ???? Root cause: Hardcoded crypto keys → enabled RCE via PowerShell + DLL sideloading ???? Read: https://t.co/w6EXAZH	2025.04.15

News

(Total : 44)

Total keyword

CVSS Vulnerability Exploit Update Attacker Malware attack Report Software target Remote Code Execution CVE United States RCE intelligence CISA Advertising Windows Microsoft WordPress Kubernetes Backdoor Java Campaign plugin Linux Google Operation Ransomware Victim Android Apple DarkWeb DDoS GitHub ZeroDay Supply chain Password MacOS China UNC5221 Router Cryptographic key Cisco CVEs Oracle Germany DYEPACK GameoverP2P VMware Check Point RATel Fortinet XSS Government MFA YouTube Social Engineering Browser Distribution Microsoft Edge VBScript hijack ...

No	Title	Date
1	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
2	CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download - The Hacker News	2025.04.18
3	Strengthening Zero Trust Security with Expert Penetration Testing - Malware.News	2025.04.17
4	Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution - The Hacker News	2025.04.17
5	CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices - The Hacker News	2025.04.17

Additional information

No	Title	Date
1	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
2	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
5	Text scams grow to steal hundreds of millions of dollars - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
2	CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download - The Hacker News	2025.04.18
3	CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download - The Hacker News	2025.04.18
4	CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices - The Hacker News	2025.04.17
5	Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks - The Hacker News	2025.04.17
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.