Summary: 2025/04/28 21:39

First reported date: 2010/05/28
Inquiry period : 2025/03/29 21:38 ~ 2025/04/28 21:38 (1 month), 117 search results

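The trend is 30% higher than in the previous period.
The top 5 related keywords that rose compared with the previous period are
CVE, Vulnerability, Exploit, Update and Malware.
Under attack techniques, APT and hijack are newly observed.
Under organizations and companies, SECUI, AhnLab, North Korea and dprk are newly observed.
Other new keywords, including MITRE, CrushFTP, FortiGate, Funding and Ivanti, are also observed.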

The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures.

CVE (Common Vulnerabilities and Exposures) is a unique identifier denoting a publicly known software security vulnerability.

 * Top 3 recent news articles:
    ㆍ 2025/04/28 NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk
    ㆍ 2025/04/25 DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
    ㆍ 2025/04/25 Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

Trend graph by period


Related keyword cloud
Top 100

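| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | CVE | 117 | ▲ 35 (30%) |
| 2 | Vulnerability | 116 | ▲ 34 (29%) |
| 3 | Exploit | 39 | ▲ 1 (3%) |
| 4 | Update | 33 | ▲ 6 (18%) |
| 5 | Malware | 33 | ▲ 7 (21%) |
| 6 | RCE | 26 | ▲ 20 (77%) |
| 7 | CISA | 22 | ▲ 16 (73%) |
| 8 | CVSS | 22 | ▼ -2 (-9%) |
| 9 | Alert | 19 | ▲ 7 (37%) |
| 10 | Report | 18 | ▲ 6 (33%) |
| 11 | Critical | 13 | ▲ 2 (15%) |
| 12 | program | 13 | ▲ 12 (92%) |
| 13 | attack | 12 | ▼ -8 (-67%) |
| 14 | Software | 12 | ▲ 2 (17%) |
| 15 | MITRE | 11 | ▲ new |
| 16 | Government | 10 | ▲ 9 (90%) |
| 17 | Operation | 9 | ▲ 2 (22%) |
| 18 | Remote Code Execution | 9 | ▼ -19 (-211%) |
| 19 | ZeroDay | 8 | ▼ -6 (-75%) |
| 20 | Windows | 8 | ▼ -1 (-13%) |
| 21 | flaw | 8 | ▲ 5 (63%) |
| 22 | hacking | 7 | ▲ 4 (57%) |
| 23 | Remote | 7 | ▲ 3 (43%) |
| 24 | intelligence | 7 | ▼ -3 (-43%) |
| 25 | target | 6 | ▼ -7 (-117%) |
| 26 | Fortinet | 6 | ▲ 5 (83%) |
| 27 | CrushFTP | 6 | ▲ new |
| 28 | securityaffairs | 6 | ▲ 4 (67%) |
| 29 | GitHub | 6 | ▲ 1 (17%) |
| 30 | PoC | 6 | ▲ 2 (33%) |
| 31 | access | 5 | - 0 (0%) |
| 32 | FortiGate | 5 | ▲ new |
| 33 | MWNEWS | 5 | ▲ 2 (40%) |
| 34 | wild | 5 | ▲ 4 (80%) |
| 35 | ThreatProtection | 5 | ▲ 1 (20%) |
| 36 | Microsoft | 5 | ▼ -2 (-40%) |
| 37 | Campaign | 5 | ▲ 4 (80%) |
| 38 | Apache | 4 | ▼ -4 (-100%) |
| 39 | Funding | 4 | ▲ new |
| 40 | Ivanti | 4 | ▲ new |
| 41 | NortonLifeLock | 4 | - 0 (0%) |
| 42 | DDoS | 4 | ▲ 2 (50%) |
| 43 | Cisco | 4 | - 0 (0%) |
| 44 | Supply chain | 4 | ▲ 1 (25%) |
| 45 | IoT | 4 | ▲ new |
| 46 | Java | 4 | ▲ 1 (25%) |
| 47 | Exploitation | 3 | ▲ new |
| 48 | NTLM | 3 | ▲ new |
| 49 | Register | 3 | ▲ new |
| 50 | Linux | 3 | - 0 (0%) |
| 51 | code | 3 | ▼ -1 (-33%) |
| 52 | SSH | 3 | ▲ new |
| 53 | WhatsApp | 3 | ▲ new |
| 54 | Google | 3 | ▼ -2 (-67%) |
| 55 | contract | 3 | ▲ new |
| 56 | LinkedIn | 3 | ▲ new |
| 57 | NIST | 3 | ▲ 2 (67%) |
| 58 | CVEs | 3 | ▲ new |
| 59 | Command | 3 | ▲ new |
| 60 | Allows | 2 | ▲ new |
| 61 | APT | 2 | ▲ new |
| 62 | continuity | 2 | ▲ new |
| 63 | extension | 2 | ▲ new |
| 64 | Old | 2 | ▲ new |
| 65 | cti | 2 | ▲ new |
| 66 | SECUI | 2 | ▲ new |
| 67 | AhnLab | 2 | ▲ new |
| 68 | North Korea | 2 | ▲ new |
| 69 | ErlangOTP | 2 | ▲ new |
| 70 | file | 2 | ▲ new |
| 71 | available | 2 | ▲ new |
| 72 | CISAs | 2 | ▲ new |
| 73 | MITREs | 2 | ▲ new |
| 74 | overflow | 2 | ▲ new |
| 75 | dprk | 2 | ▲ new |
| 76 | randomquery | 2 | ▲ new |
| 77 | recent | 2 | ▲ new |
| 78 | Larva | 2 | ▲ new |
| 79 | Telegram | 2 | ▲ new |
| 80 | vulnerable | 2 | ▲ new |
| 81 | Execution | 2 | ▲ 1 (50%) |
| 82 | Vite | 2 | ▲ new |
| 83 | Active | 2 | ▲ 1 (50%) |
| 84 | hijack | 2 | ▲ new |
| 85 | NVIDIA | 2 | ▲ new |
| 86 | disclosure | 2 | ▲ new |
| 87 | United States | 2 | - 0 (0%) |
| 88 | Docker | 2 | ▲ new |
| 89 | DYEPACK | 2 | ▼ -2 (-100%) |
| 90 | Gladinet | 2 | ▲ new |
| 91 | Education | 2 | ▲ 1 (50%) |
| 92 | Password | 2 | - 0 (0%) |
| 93 | Center | 2 | ▲ new |
| 94 | SAP | 2 | ▲ new |
| 95 | href | 2 | ▲ new |
| 96 | SHODAN | 2 | ▼ -1 (-50%) |
| 97 | Mandiant | 2 | ▲ 1 (50%) |
| 98 | amp | 2 | - 0 (0%) |
| 99 | Secure | 2 | ▲ new |
| 100 | Authentication | 2 | ▲ new |

Special keyword group
Top 5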

Malware Type

This is the type of malware that is becoming an issue.

| Keyword | Average | Label |
|---|---|---|
| DYEPACK | 2 (33.3%) | |
| NetWireRC | 1 (16.7%) | |
| BlackSuit | 1 (16.7%) | |
| DslogdRAT | 1 (16.7%) | |
| Vawtrak | 1 (16.7%) | |

Attacker & Actors

The attackers or attack groups that are currently an issue.


Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.


| Keyword | Average | Label |
|---|---|---|
| Exploit | 39 (41.5%) | |
| RCE | 26 (27.7%) | |
| Remote Code Execution | 9 (9.6%) | |
| hacking | 7 (7.4%) | |
| Campaign | 5 (5.3%) | |

Country & Company

This is a country or company that is an issue.


| Keyword | Average | Label |
|---|---|---|
| CISA | 22 (33.3%) | |
| Government | 10 (15.2%) | |
| Fortinet | 6 (9.1%) | |
| Microsoft | 5 (7.6%) | |
| Cisco | 4 (6.1%) | |

Threat info
Last 5

SNS

(Total : 75)
  Total keyword

CVE Vulnerability Exploit Attacker Update CVSS RCE hacking CISA ZeroDay attack Report Malware Windows Remote Code Execution PoC Fortinet North Korea Telegram WhatsApp hijack dprk APT AhnLab Microsoft SSRF DDoS SECUI Cisco Campaign SHODAN iPhone Password Email ChatGPT Education WordPress ...

No Title Date
1 Hunter @HunterMapping
Alert: two new vulnerabilities in React Router CVE-2025-43864: DoS via cache poisoning by forcing SPA mode CVE-2025-43865: Pre-render data spoofing on React-Router framework mode PoC from @zhero___ & @inzo____ : CVE-2025-43864:https://t.co/hfhSnQ6p8F https://t.co/pTwRxdMNwf
2025.04.28
2 Hunter @HunterMapping
Alert: CVE-2025-31324(CVSS v3 score: 10.0):Critical SAP NetWeaver Zero-Day Vulnerability EXP : https://t.co/rffC5FzOf3 23K+ Services are found on the https://t.co/ysWb28Crld yearly. Hunter Link:https://t.co/GaOcRgCFh8 Query HUNTER : https://t.co/q9rtuGgxk7="SAP https://t.co/LH
2025.04.27
3 Hunter @HunterMapping
Alert: CVE-2025-32432:Craft CMS Allows Remote Code Execution EXP : https://t.co/SjQRk5TZLC 997.9K+ Services are found on the https://t.co/ysWb28Crld yearly. Hunter Link:https://t.co/CF2MvxksAI Query HUNTER : https://t.co/q9rtuGgxk7="Craft CMS" FOFA https://t.co/GgDFwrqpRx
2025.04.27
4 The Hacker News @TheHackersNews
Hackers could be one path away from your sensitive files! New CVEs expose major flaws in Rack & Infodraw systems: CVE-2025-27610 lets attackers read config files & credentials via path traversal. Infodraw CVE-2025-43928 allows any file to be read or deleted—no https://
2025.04.25
5 Cyber_OSINT @Cyber_O51NT
Cybersecurity researchers reported three vulnerabilities in Rack::Static, potentially allowing attackers to access files and tamper with logs; CVE-2025-27610 is noted with a CVSS score of 7.5. #Cybersecurity #Ruby #DataBreach https://t.co/acMa17y088
2025.04.25

Additional information

| Level | Description |
|---|---|
| warning | File has been identified by 29 AntiVirus engines on VirusTotal as malicious |
| watch | Communicates with host for which no DNS query was performed |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | An application raised an exception which may be indicative of an exploit crash |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Performs some HTTP requests |
| notice | Uses Windows utilities for basic Windows functionality |
| notice | Yara rule detected in process memory |
| info | One or more processes crashed |

Network ET INFO TLS Handshake Failure
Network SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)