Cyber Threat Trends

Summary: 2025/04/17 15:46

First reported date: 2010/11/15
Inquiry period : 2025/03/18 15:46 ~ 2025/04/17 15:46 (1 months), 117 search results

전 기간대비 32% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 ZeroDay Exploit Vulnerability Update attack 입니다.
공격자 unc5221 도 새롭게 확인됩니다.
공격기술 RCE 도 새롭게 확인됩니다.
기관 및 기업 Iran Trend Micro Saudi Arabia Spain Oracle 도 새롭게 확인됩니다.
기타 powershell Flaw Targeted Java iPhone 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/16 Threat Intelligence Snapshot: Week 15, 2025
    ㆍ 2025/04/16 Multiple orgs subjected to attacks involving Gladinet zero-day
    ㆍ 2025/04/16 CVE-2025-24054, NTLM Exploit in the Wild

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	ZeroDay	117	▲ 38 (32%)
2	Exploit	86	▲ 31 (36%)
3	Vulnerability	66	▲ 29 (44%)
4	Update	57	▲ 17 (30%)
5	attack	48	▲ 22 (46%)
6	Malware	47	▲ 9 (19%)
7	Windows	42	▲ 32 (76%)
8	target	32	▲ 7 (22%)
9	Microsoft	30	▲ 7 (23%)
10	Report	29	▲ 7 (24%)
11	Google	29	▲ 21 (72%)
12	Chrome	28	▲ 26 (93%)
13	Kaspersky	27	▲ 22 (81%)
14	Campaign	25	▲ 15 (60%)
15	Ransomware	24	▲ 7 (29%)
16	Russia	21	▲ 16 (76%)
17	United States	19	▲ 8 (42%)
18	Software	18	▲ 7 (39%)
19	intelligence	17	▼ -2 (-12%)
20	Advertising	17	▲ 9 (53%)
21	Email	17	▲ 4 (24%)
22	Operation	17	▲ 11 (65%)
23	Victim	17	▲ 7 (41%)
24	hacking	17	▲ 6 (35%)
25	China	16	▲ 9 (56%)
26	Government	15	▲ 10 (67%)
27	Android	14	▲ 1 (7%)
28	Browser	13	▲ 11 (85%)
29	Remote Code Execution	13	▼ -4 (-31%)
30	Phishing	11	- 0 (0%)
31	Backdoor	11	▲ 6 (55%)
32	Threat	11	▲ 8 (73%)
33	CVE	10	▼ -1 (-10%)
34	unc5221	9	▲ new
35	RCE	9	▲ new
36	Education	8	▲ 3 (38%)
37	Criminal	8	▼ -6 (-75%)
38	CVSS	7	▲ 3 (43%)
39	DarkWeb	7	▼ -3 (-43%)
40	Ivanti	6	▲ 5 (83%)
41	IoC	6	▲ 3 (50%)
42	powershell	6	▲ new
43	EDR	6	▲ 4 (67%)
44	Linux	6	▲ 2 (33%)
45	securityaffairs	6	▲ 1 (17%)
46	Password	6	▲ 4 (67%)
47	Clop	6	▲ 5 (83%)
48	Apple	6	- 0 (0%)
49	VPN	5	▼ -1 (-20%)
50	Twitter	5	▲ 2 (40%)
51	North Korea	5	▲ 3 (60%)
52	Trojan	5	▲ 3 (60%)
53	Flaw	5	▲ new
54	Cisco	5	▲ 2 (40%)
55	exploitation	5	▲ 3 (60%)
56	Targeted	5	▲ new
57	Iran	5	▲ new
58	Trend Micro	5	▲ new
59	Firefox	5	▲ 4 (80%)
60	MWNEWS	5	▲ 1 (20%)
61	Java	4	▲ new
62	Fortinet	4	▲ 3 (75%)
63	GitHub	4	▲ 2 (50%)
64	CISA	4	▼ -5 (-125%)
65	Europe	4	▲ 2 (50%)
66	Ucraina	4	▲ 3 (75%)
67	iPhone	4	▲ new
68	NetWireRC	4	▲ 2 (50%)
69	Urgent	4	▲ 3 (75%)
70	Exploited	4	▲ 3 (75%)
71	breach	4	▲ new
72	sophisticated	4	▲ new
73	Check Point	4	▲ 2 (50%)
74	Russian	4	▲ new
75	Water	4	▲ new
76	SaudiArabia	4	▲ new
77	Saudi Arabia	4	▲ new
78	Stealer	4	- 0 (0%)
79	hijack	4	▲ 1 (25%)
80	Connect	4	▲ new
81	Secure	4	▲ new
82	CLFS	4	▲ new
83	LinkedIn	4	▲ 2 (50%)
84	googlechrome	3	▲ new
85	Patch	3	▼ -3 (-100%)
86	unknown	3	▲ new
87	Mandiant	3	▲ 1 (33%)
88	Gamayun	3	▲ new
89	Spain	3	▲ new
90	Trend	3	▲ new
91	DDoS	3	▲ 1 (33%)
92	Tuesday	3	▼ -4 (-133%)
93	ForumTroll	3	▲ new
94	actor	3	▲ 1 (33%)
95	ESET	3	- 0 (0%)
96	EncryptHub	3	▲ new
97	MFA	3	▼ -2 (-67%)
98	group	3	▲ new
99	Oracle	3	▲ new
100	Vawtrak	3	▲ 2 (67%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		24 (46.2%)
Clop		6 (11.5%)
Trojan		5 (9.6%)
NetWireRC		4 (7.7%)
Vawtrak		3 (5.8%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
unc5221		9 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		86 (46.2%)
Campaign		25 (13.4%)
hacking		17 (9.1%)
Remote Code Execution		13 (7%)
Phishing		11 (5.9%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Microsoft		30 (13.3%)
Google		29 (12.8%)
Kaspersky		27 (11.9%)
Russia		21 (9.3%)
United States		19 (8.4%)

Threat info

Last 5

SNS

(Total : 48)

Total keyword

ZeroDay Exploit Vulnerability attack Chrome Google Kaspersky target Update Windows Microsoft Russia Operation hacking Education CVE unc5221 Targeted Government Campaign Victim Android RCE Ransomware EDR Attacker iPhone CVSS China Apple Report Browser hijack Email DarkWeb Phishing Java Recorded Future Firefox Spain Saudi Arabia Patch powershell NAS ...

No	Title	Date
1	BleepingComputer @BleepinComputer Apple fixes two zero-days exploited in targeted iPhone attacks - @LawrenceAbrams https://t.co/KrsDnhTPZd https://t.co/KrsDnhTPZd	2025.04.16
2	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???? Alleged 0day Exploit: Arbitrary File Upload in TinyMCE / CKEditor 5 A threat actor is allegedly offering a zero-day arbitrary file upload to RCE vulnerability affecting TinyMCE and CKEditor 5. ???? Not tied to any known CVE ???? Proof-of-Concept only available via escrow ???? https://t.co/Lzy	2025.04.15
3	The Hacker News @TheHackersNews ???? Alert — A 9.0 CVSS flaw in Gladinet’s CentreStack also affects Triofox—both used for remote access. Attackers exploited it as a zero-day in March, hitting 7 orgs by April 11. ???? Root cause: Hardcoded crypto keys → enabled RCE via PowerShell + DLL sideloading ???? Read: https://t.co/w6EXAZH	2025.04.15
4	Pierluigi Paganini - Security Affairs @securityaffairs @AlvieriD #Hertz disclosed a data breach following 2024 #Cleo zero-day attack https://t.co/vroa6gCKt0 #securityaffairs #hacking	2025.04.15
5	Cyber_OSINT @Cyber_O51NT A threat actor is reportedly offering a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls, according to SecurityWeek. #CyberSecurity #Fortinet https://t.co/Hyk2AvxSut	2025.04.14

News

(Total : 69)

Total keyword

ZeroDay Update Exploit Malware Vulnerability Windows attack Report Microsoft target Attacker Campaign Ransomware United States Google Software intelligence Kaspersky Advertising Email Russia Victim Remote Code Execution China Chrome hacking Operation Government Browser Backdoor Android Phishing Criminal Linux IoC Password Cisco North Korea Twitter Trojan Iran Clop powershell RCE VPN DarkWeb UNC5221 CVSS Stealer CISA Europe Ucraina CVE LinkedIn NetWireRC GitHub Check Point Trend Micro c&c Vawtrak Fortinet Israel WhatsApp Oracle ESET Firefox RAT MFA Apple DDoS Saudi Arabia 취약점 GameoverP2P Supply chain Dropper Cobalt Strike Mandiant MacOS XDR Education Germany Patch Stealc hijack IcedID ...

No	Title	Date
1	Threat Intelligence Snapshot: Week 15, 2025 - Malware.News	2025.04.16
2	Multiple orgs subjected to attacks involving Gladinet zero-day - Malware.News	2025.04.16
3	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
4	How Indicators of Compromise, Attack, and Behavior Help Spot and Stop Cyber Threats - Malware.News	2025.04.16
5	씨큐비스타, K-CTI 2025서 '네트워크 기반 공격자 TTP 탐지 대응방안' 발표 - 데일리시큐	2025.04.16

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	Threat Intelligence Snapshot: Week 15, 2025 - Malware.News	2025.04.16
2	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
3	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
4	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
5	Fortinet 0-Day, Spotify Checker Shared, and STX Leak Campaign - Malware.News	2025.04.15
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.