Cyber Threat Trends

Summary: 2025/04/17 15:36

First reported date: 2010/11/15
Inquiry period : 2025/04/10 15:36 ~ 2025/04/17 15:36 (7 days), 22 search results

전 기간대비 -36% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Vulnerability attack Windows Campaign target 입니다.
악성코드 유형 RAT Vawtrak Lumma AsyncRAT Clipbanker XWorm 도 새롭게 확인됩니다.
공격자 MuddyWater 도 새롭게 확인됩니다.
공격기술 Phishing Stealer MalSpam 도 새롭게 확인됩니다.
기관 및 기업 Ucraina Russia Europe Fortinet Iran South Korea Türkiye Australia 도 새롭게 확인됩니다.
기타 Threat actor Password c&c Hertz 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/16 Threat Intelligence Snapshot: Week 15, 2025
    ㆍ 2025/04/16 Multiple orgs subjected to attacks involving Gladinet zero-day
    ㆍ 2025/04/16 CVE-2025-24054, NTLM Exploit in the Wild

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	ZeroDay	22	▼ -8 (-36%)
2	Exploit	16	▼ -10 (-63%)
3	Vulnerability	15	▲ 1 (7%)
4	Malware	12	▼ -1 (-8%)
5	attack	10	▲ 3 (30%)
6	Update	9	▼ -8 (-89%)
7	Windows	9	▲ 1 (11%)
8	Campaign	9	▲ 6 (67%)
9	Report	8	- 0 (0%)
10	target	8	▲ 4 (50%)
11	Ransomware	7	▼ -2 (-29%)
12	RCE	7	▲ 6 (86%)
13	Advertising	5	▲ 2 (40%)
14	intelligence	5	▲ 2 (40%)
15	Android	5	▼ -3 (-60%)
16	Phishing	5	▲ new
17	Email	5	▲ 4 (80%)
18	Government	4	▲ 3 (75%)
19	Software	4	▼ -2 (-50%)
20	United States	4	- 0 (0%)
21	Linux	4	▲ 2 (50%)
22	Threat	4	▲ new
23	hacking	4	▼ -1 (-25%)
24	Victim	4	▲ 2 (50%)
25	Microsoft	4	▼ -6 (-150%)
26	actor	3	▲ new
27	Kaspersky	3	▲ 1 (33%)
28	DarkWeb	3	▲ 2 (67%)
29	Password	3	▲ new
30	IoC	3	▲ 2 (67%)
31	c&c	3	▲ new
32	breach	2	▲ 1 (50%)
33	Clop	2	▲ 1 (50%)
34	Ucraina	2	▲ new
35	Russia	2	▲ new
36	Europe	2	▲ new
37	Check Point	2	▲ 1 (50%)
38	RAT	2	▲ new
39	Hertz	2	▲ new
40	powershell	2	▲ new
41	WhatsApp	2	▲ new
42	Fortinet	2	▲ new
43	dark	2	▲ 1 (50%)
44	Vawtrak	2	▲ new
45	China	2	▼ -4 (-200%)
46	Google	2	▼ -7 (-350%)
47	NetWireRC	2	▲ 1 (50%)
48	GitHub	2	▲ new
49	wellknown	2	▲ new
50	file	2	▲ new
51	NAS	1	▲ new
52	Cisco	1	- 0 (0%)
53	EDR	1	▼ -1 (-100%)
54	Lumma	1	▲ new
55	Iran	1	▲ new
56	MuddyWater	1	▲ new
57	Cobalt Strike	1	- 0 (0%)
58	AsyncRAT	1	▲ new
59	Consumer	1	▲ new
60	Snapshot	1	▲ new
61	UNC5221	1	▼ -7 (-700%)
62	WinRAR	1	▲ new
63	Saudi Arabia	1	▼ -2 (-200%)
64	Clipbanker	1	▲ new
65	GameoverP2P	1	- 0 (0%)
66	AlvieriD	1	▲ new
67	securityaffairs	1	▼ -2 (-200%)
68	Cleo	1	- 0 (0%)
69	SaudiArabia	1	▼ -2 (-200%)
70	YARA	1	▲ new
71	RUN	1	▲ new
72	Suricata	1	▲ new
73	ANY	1	▲ new
74	Trojan	1	- 0 (0%)
75	XWorm	1	▲ new
76	Stealer	1	▲ new
77	Takedown	1	▲ new
78	LawrenceAbrams	1	▲ new
79	네트워크	1	▲ new
80	탐지	1	▲ new
81	공격	1	- 0 (0%)
82	conference	1	▲ new
83	South Korea	1	▲ new
84	Multiple	1	▲ new
85	MWNEWS	1	▼ -1 (-100%)
86	platform	1	▲ new
87	Gladinet	1	▲ new
88	httpstcoKrsDnhTPZd	1	▲ new
89	iPhone	1	- 0 (0%)
90	Backdoor	1	▼ -2 (-200%)
91	targeted	1	- 0 (0%)
92	Apple	1	▼ -1 (-100%)
93	information	1	▲ new
94	data	1	▲ new
95	Operation	1	▼ -2 (-200%)
96	MalSpam	1	▲ new
97	Browser	1	- 0 (0%)
98	Türkiye	1	▲ new
99	Australia	1	▲ new
100	SMB	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		7 (31.8%)
Clop		2 (9.1%)
RAT		2 (9.1%)
Vawtrak		2 (9.1%)
NetWireRC		2 (9.1%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
MuddyWater		1 (33.3%)
UNC5221		1 (33.3%)
APT28		1 (33.3%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		16 (36.4%)
Campaign		9 (20.5%)
RCE		7 (15.9%)
Phishing		5 (11.4%)
hacking		4 (9.1%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Government		4 (11.4%)
United States		4 (11.4%)
Microsoft		4 (11.4%)
Kaspersky		3 (8.6%)
Ucraina		2 (5.7%)

Threat info

Last 5

SNS

(Total : 8)

Total keyword

ZeroDay Exploit Vulnerability RCE DarkWeb target hacking powershell Attacker Apple targeted iPhone CVSS NAS Fortinet Report attack

No	Title	Date
1	BleepingComputer @BleepinComputer Apple fixes two zero-days exploited in targeted iPhone attacks - @LawrenceAbrams https://t.co/KrsDnhTPZd https://t.co/KrsDnhTPZd	2025.04.16
2	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???? Alleged 0day Exploit: Arbitrary File Upload in TinyMCE / CKEditor 5 A threat actor is allegedly offering a zero-day arbitrary file upload to RCE vulnerability affecting TinyMCE and CKEditor 5. ???? Not tied to any known CVE ???? Proof-of-Concept only available via escrow ???? https://t.co/Lzy	2025.04.15
3	The Hacker News @TheHackersNews ???? Alert — A 9.0 CVSS flaw in Gladinet’s CentreStack also affects Triofox—both used for remote access. Attackers exploited it as a zero-day in March, hitting 7 orgs by April 11. ???? Root cause: Hardcoded crypto keys → enabled RCE via PowerShell + DLL sideloading ???? Read: https://t.co/w6EXAZH	2025.04.15
4	Pierluigi Paganini - Security Affairs @securityaffairs @AlvieriD #Hertz disclosed a data breach following 2024 #Cleo zero-day attack https://t.co/vroa6gCKt0 #securityaffairs #hacking	2025.04.15
5	Cyber_OSINT @Cyber_O51NT A threat actor is reportedly offering a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls, according to SecurityWeek. #CyberSecurity #Fortinet https://t.co/Hyk2AvxSut	2025.04.14

News

(Total : 14)

Total keyword

ZeroDay Malware Vulnerability Exploit Campaign attack Windows Update Report Ransomware target Phishing Email Android Advertising intelligence Attacker Government Linux Microsoft Software Victim United States Password RCE c&c IoC hacking Kaspersky Russia Check Point RAT WhatsApp China Google NetWireRC GitHub Europe Vawtrak Ucraina Clop WinRAR AsyncRAT South Korea UNC5221 conference MuddyWater Clipbanker Trojan Cobalt Strike powershell Australia GameoverP2P Türkiye Browser SMB APT28 MalSpam Backdoor Stealer Operation Iran XWorm EDR Lumma Takedown Fortinet Malicious Traffic United Kingdom ToddyCat Attacks Criminal HyperSSL ...

No	Title	Date
1	Threat Intelligence Snapshot: Week 15, 2025 - Malware.News	2025.04.16
2	Multiple orgs subjected to attacks involving Gladinet zero-day - Malware.News	2025.04.16
3	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
4	How Indicators of Compromise, Attack, and Behavior Help Spot and Stop Cyber Threats - Malware.News	2025.04.16
5	씨큐비스타, K-CTI 2025서 '네트워크 기반 공격자 TTP 탐지 대응방안' 발표 - 데일리시큐	2025.04.16

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	Threat Intelligence Snapshot: Week 15, 2025 - Malware.News	2025.04.16
2	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
3	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
4	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
5	Fortinet 0-Day, Spotify Checker Shared, and STX Leak Campaign - Malware.News	2025.04.15
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.