popup

Cyber Threat Trends

  1. Day Week

Gemelli flickerflypro flickerfly

Summary: 2025/04/28 19:37

First reported date: 2008/01/07
Inquiry period : 2025/03/29 19:37 ~ 2025/04/28 19:37 (1 months), 494 search results

전 기간대비 16% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Exploit Vulnerability attack Update Report 입니다.
공격자 UNC5221 Kimsuky 도 새롭게 확인됩니다.
기타 file CrushFTP Connect April 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/28 28th April – Threat Intelligence Report
    ㆍ 2025/04/28 Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised
    ㆍ 2025/04/28 The 2026 FIFA World Cup is coming to North America, and so are the ticket scams

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1Exploit 494 ▲ 80 (16%)
2Malware 244 ▼ -9 (-4%)
3Vulnerability 186 ▲ 19 (10%)
4attack 178 ▲ 12 (7%)
5Update 156 ▲ 9 (6%)
6Report 141 ▲ 15 (11%)
7target 117 ▼ -13 (-11%)
8Campaign 98 ▼ -7 (-7%)
9ZeroDay 81 ▲ 8 (10%)
10RCE 77 ▲ 69 (90%)
11United States 72 ▼ -5 (-7%)
12intelligence 71 ▼ -7 (-10%)
13Microsoft 69 ▼ -8 (-12%)
14Phishing 68 ▼ -11 (-16%)
15Advertising 65 ▼ -3 (-5%)
16Windows 64 ▼ -10 (-16%)
17Ransomware 63 ▲ 5 (8%)
18Software 62 ▼ -4 (-6%)
19Operation 61 ▼ -15 (-25%)
20Google 56 ▲ 5 (9%)
21Criminal 54 ▼ -12 (-22%)
22hacking 52 ▲ 11 (21%)
23Email 46 ▼ -17 (-37%)
24CISA 46 ▲ 10 (22%)
25threat 45 ▲ 16 (36%)
26Victim 44 ▼ -25 (-57%)
27CVSS 40 ▲ 8 (20%)
28CVE 39 ▲ 1 (3%)
29Remote Code Execution 37 ▼ -83 (-224%)
30China 37 ▼ -4 (-11%)
31securityaffairs 35 ▲ 18 (51%)
32flaw 34 ▲ 23 (68%)
33Government 33 ▼ -12 (-36%)
34Education 32 ▼ -18 (-56%)
35Kaspersky 32 ▼ -9 (-28%)
36Android 27 ▼ -3 (-11%)
37MWNEWS 27 ▲ 8 (30%)
38Password 27 - 0 (0%)
39GitHub 27 ▼ -7 (-26%)
40Critical 26 ▲ 12 (46%)
41Ivanti 26 ▲ 24 (92%)
42VPN 26 ▲ 11 (42%)
43Linux 26 ▲ 4 (15%)
44Browser 24 ▼ -1 (-4%)
45c&c 24 ▲ 8 (33%)
46Apple 23 ▲ 11 (48%)
47Social Engineering 23 ▲ 6 (26%)
48Russia 22 ▼ -14 (-64%)
49Backdoor 22 ▼ -9 (-41%)
50IoC 21 - 0 (0%)
51MFA 17 ▼ -15 (-88%)
52access 17 ▲ 6 (35%)
53WordPress 17 ▲ 14 (82%)
54hijack 16 ▲ 2 (13%)
55Supply chain 16 ▼ -13 (-81%)
56Stealer 16 ▼ -20 (-125%)
57DarkWeb 16 ▼ -14 (-88%)
58Chrome 16 ▼ -8 (-50%)
59plugin 16 ▲ 11 (69%)
60Cisco 16 ▼ -14 (-88%)
61group 16 ▲ 9 (56%)
62powershell 15 ▼ -3 (-20%)
63Japan 15 ▲ 1 (7%)
64GameoverP2P 15 ▼ -2 (-13%)
65Distribution 15 ▼ -3 (-20%)
66US 14 ▲ 5 (36%)
67payment 13 ▼ -4 (-31%)
68South Korea 13 ▲ 10 (77%)
69DNS 13 ▲ 5 (38%)
70LinkedIn 13 ▼ -2 (-15%)
71Mandiant 13 ▲ 9 (69%)
72Code 13 - 0 (0%)
73Trojan 12 ▼ -2 (-17%)
74ios 12 ▲ 11 (92%)
75ESET 12 ▲ 1 (8%)
76AI 12 ▼ -1 (-8%)
77APT 12 ▲ 6 (50%)
78Cryptocurrency 12 ▼ -16 (-133%)
79file 11 ▲ new
80UNC5221 11 ▲ new
81Vawtrak 11 ▲ 4 (36%)
82Takedown 11 ▼ -5 (-45%)
83EDR 11 ▼ -3 (-27%)
84exploitation 10 ▼ -4 (-40%)
85NIST 10 ▲ 6 (60%)
86ChatGPT 10 ▲ 1 (10%)
87DYEPACK 10 ▼ -5 (-50%)
88Kimsuky 10 ▲ new
89CrushFTP 10 ▲ new
90Telegram 10 ▼ -10 (-100%)
91Secure 10 ▲ 9 (90%)
92DDoS 10 ▼ -3 (-30%)
93cloud 10 ▲ 3 (30%)
94United Kingdom 9 - 0 (0%)
95Fortinet 9 - 0 (0%)
96Connect 9 ▲ new
97Java 9 ▼ -6 (-67%)
98NetWireRC 9 ▼ -7 (-78%)
99detection 9 ▲ 1 (11%)
100April 8 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Ransomware
63 (53.8%)
GameoverP2P
15 (12.8%)
Trojan
12 (10.3%)
Vawtrak
11 (9.4%)
DYEPACK
10 (8.5%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
UNC5221
11 (52.4%)
Kimsuky
10 (47.6%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Exploit
494 (53%)
Campaign
98 (10.5%)
RCE
77 (8.3%)
Phishing
68 (7.3%)
hacking
52 (5.6%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
United States
72 (13.7%)
Microsoft
69 (13.1%)
Google
56 (10.6%)
CISA
46 (8.7%)
China
37 (7%)
Threat info
Last 5

SNS

(Total : 223)
  Total keyword

Exploit attack Vulnerability Malware hacking ZeroDay Update Report Attacker Campaign Ransomware target CISA Windows Phishing RCE Criminal CVE Microsoft US United States Google Android APT Apple Government China CVSS Japan Linux Email VPN Operation Kaspersky Kimsuky WordPress Chrome Advertising Remote Code Execution South Korea unc5221 Victim Russia plugin Cisco Password Fortinet Software hijack Social Engineering Browser BlueKeep Targeted Education EDR DNS Mandiant ESET ...

No Title Date
1The Hacker News @TheHackersNews
???? 13,000+ sites at risk. Hackers are actively exploiting 2 zero-days in Craft CMS, hitting servers via image tools. One flaw scores 10.0 CVSS—worst possible. Nearly 300 sites likely breached already. Watch for POST hits to "/actions/assets/generate-transform" ???? Details: https://t.co/26th3b4		2025.04.28
2Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
Exploit: https://t.co/naSTTKaWDe		2025.04.27
3Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
???????????? Alleged Breach of Bagmati Province Public Service Commission (PPSC) A threat actor claims to be selling exploit access to the Province Public Service Commission (PPSC) of Bagmati Province, Nepal — allowing mass file downloads. ???? Target: Province Public Service Commission https://t.		2025.04.26
4Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
????Alleged Sale of Arbitrum Bridge Exploit Price: 100,000$ https://t.co/HiqMljNkE4		2025.04.26
5Cyber_OSINT @Cyber_O51NT
JPCERT warns of DslogdRAT malware exploiting a patched flaw in Ivanti Connect Secure, allowing remote code execution and targeting Japanese organizations, while also linked to the APT Silk Typhoon. #CyberSecurity #Malware https://t.co/LdcjAxvite		2025.04.26

News

(Total : 271)
  Total keyword

Exploit Malware Vulnerability Update attack Report Attacker target Campaign intelligence RCE United States Advertising Software Microsoft Operation Phishing ZeroDay Windows Google Ransomware Victim Email Criminal Remote Code Execution CVSS Education China GitHub CISA Kaspersky CVE c&c Government Password Backdoor IoC Browser Social Engineering VPN Linux Russia Android MFA hacking GameoverP2P Supply chain Stealer powershell DarkWeb Distribution LinkedIn Apple payment hijack plugin Trojan Cisco NIST DYEPACK WordPress DNS Cryptocurrency ChatGPT Mandiant Vawtrak Takedown Java Chrome ESET DDoS Twitter Telegram PoC United Kingdom EDR Recorded Future Firmware Check Point MacOS Europe VirusTotal South Korea WhatsApp Smishing Ucraina arrest patch RATel ...

No Title Date
128th April – Threat Intelligence Report - Malware.News2025.04.28
2Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised - The Hacker News2025.04.28
3The 2026 FIFA World Cup is coming to North America, and so are the ticket scams - Malware.News2025.04.28
4Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News2025.04.26
5Threat Hunting: For what, when, and how? - Malware.News2025.04.26

Additional information

No Title Date
128th April – Threat Intelligence Report - Malware.News2025.04.28
228th April – Threat Intelligence Report - Malware.News2025.04.28
328th April – Threat Intelligence Report - Malware.News2025.04.28
4The 2026 FIFA World Cup is coming to North America, and so are the ticket scams - Malware.News2025.04.28
5Threat Hunting: For what, when, and how? - Malware.News2025.04.26
View only the last 5
No data
No data
No data
No URL CC ASN Co Reporter Date
1http://091.sh/shell/coco.zip
exploit php shell 		US USCNSERVERSAsh_XSS_12025.02.19
2https://onge.org/software/WAV_Phoneme_Data_Copier.zip
exploit zip 		US USCLOUDFLARENETabus3reports2024.12.09
3http://87.120.84.38/txt/yugozxcvb.doc
CVE_2018_0798 exploit RTF 		BG BGSharcom Ltd.Riordz2024.10.18
4http://146.56.118.137/m8.bin
exploit marte 		JP JPabus3reports2024.10.18
5http://91.92.246.65:8000/a9021da
exploit opendir xml 		BG BGNatskovi & Sie Ltd.abus3reports2024.09.29
View only the last 5
Beta Service, If you select keyword, you can check detailed information.