popup

Cyber Threat Trends

  1. Day Month

Gemelli flickerflypro flickerfly

Summary: 2025/04/28 23:52

First reported date: 2010/05/28
Inquiry period : 2025/04/21 23:52 ~ 2025/04/28 23:52 (7 days), 21 search results

전 기간대비 -124% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 RCE Alert attack CVSS PoC 입니다.
악성코드 유형 NetWireRC DslogdRAT 도 새롭게 확인됩니다.
기관 및 기업 Commvault Japan NSA Qualys 도 새롭게 확인됩니다.
기타 ZeroDay IoT Allows Command Center 등 신규 키워드도 확인됩니다.

The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures.

CVE(Common Vulnerabilities and Exposure)는 공개적으로 알려진 소프트웨어의 보안취약점을 가리키는 고유 표기

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/28 NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk
    ㆍ 2025/04/25 DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
    ㆍ 2025/04/25 Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1Vulnerability 21 ▼ -25 (-119%)
2CVE 21 ▼ -26 (-124%)
3RCE 11 ▲ 2 (18%)
4Exploit 8 ▼ -2 (-25%)
5Alert 7 ▲ 3 (43%)
6Malware 6 ▼ -8 (-133%)
7attack 5 ▲ 2 (40%)
8Update 5 ▼ -3 (-60%)
9CVSS 5 ▲ 1 (20%)
10Report 4 ▼ -5 (-125%)
11ZeroDay 3 ▲ new
12PoC 3 ▲ 1 (33%)
13Software 2 ▼ -4 (-200%)
14Supply chain 2 ▲ 1 (50%)
15Operation 2 ▼ -3 (-150%)
16IoT 2 ▲ new
17Allows 2 ▲ new
18program 2 ▼ -9 (-450%)
19Commvault 2 ▲ new
20remote 2 - 0 (0%)
21Command 2 ▲ new
22Center 2 ▲ new
23SAP 2 ▲ new
24ErlangOTP 2 ▲ new
25target 2 ▲ 1 (50%)
26CVEs 2 ▲ new
27GitHub 2 - 0 (0%)
28DDoS 2 ▲ 1 (50%)
29NetWeaver 1 ▲ new
30path 1 ▲ new
31Infodraw 1 ▲ new
32sensitive 1 ▲ new
33Null 1 ▲ new
34SSLVPN 1 ▲ new
35NetWireRC 1 ▲ new
36Japan 1 ▲ new
37DslogdRAT 1 ▲ new
38Riva 1 ▲ new
39Ivanti 1 ▲ new
40ICS 1 ▲ new
41ruby 1 ▲ new
42databreach 1 ▲ new
43RackStatic 1 ▲ new
44access 1 ▲ new
45Disclosure 1 - 0 (0%)
46tamper 1 ▲ new
47CMS 1 ▲ new
48v3 1 ▲ new
49score 1 ▲ new
50mode 1 ▲ new
51Vulnerabilities 1 ▲ new
52React 1 ▲ new
53NVIDIA 1 ▲ new
54SonicOS 1 ▲ new
55NSA 1 ▲ new
56Q1 1 ▲ new
57Ubuntu 1 ▲ new
58SSH 1 ▲ new
59Maximum 1 ▲ new
60Cisco 1 ▼ -1 (-100%)
61WhatsApp 1 ▲ new
62FortiGuard 1 ▲ new
63available 1 ▲ new
64critical 1 ▼ -3 (-300%)
65Active 1 - 0 (0%)
66Mail 1 ▲ new
67ReversingLabs 1 ▲ new
68Changes 1 ▲ new
69call 1 ▲ new
70Linux 1 - 0 (0%)
71DNS 1 ▲ new
72Exploited 1 ▲ new
73Docker 1 ▲ new
74user 1 ▲ new
75HardenRunner 1 ▲ new
76code 1 - 0 (0%)
77execution 1 - 0 (0%)
78DYEPACK 1 - 0 (0%)
79Qualys 1 ▲ new
80Education 1 - 0 (0%)
81CISA 1 ▼ -18 (-1800%)
82Government 1 ▼ -7 (-700%)
83intelligence 1 ▼ -4 (-400%)
84NIST 1 - 0 (0%)
85Redis 1 ▲ new
86Exposes 1 ▲ new
87Leave 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
NetWireRC
1 (33.3%)
DslogdRAT
1 (33.3%)
DYEPACK
1 (33.3%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
RCE
11 (52.4%)
Exploit
8 (38.1%)
DDoS
2 (9.5%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
Commvault
2 (25%)
Japan
1 (12.5%)
NSA
1 (12.5%)
Cisco
1 (12.5%)
Qualys
1 (12.5%)
Threat info
Last 5

SNS

(Total : 12)
  Total keyword

Vulnerability CVE RCE Attacker CVSS DDoS PoC ZeroDay Report attack Exploit

No Title Date
1Hunter @HunterMapping
????Alert???? two new vulnerabilities in React Router CVE-2025-43864: DoS via cache poisoning by forcing SPA mode CVE-2025-43865: Pre-render data spoofing on React-Router framework mode ????PoC from @zhero___ & @inzo____ : CVE-2025-43864:https://t.co/hfhSnQ6p8F https://t.co/pTwRxdMNwf		2025.04.28
2Hunter @HunterMapping
????Alert???? CVE-2025-31324(CVSS v3 score: 10.0):Critical SAP NetWeaver Zero-Day Vulnerability ????EXP : https://t.co/rffC5FzOf3 ????23K+ Services are found on the https://t.co/ysWb28Crld yearly. ????Hunter Link:https://t.co/GaOcRgCFh8 ????Query HUNTER : https://t.co/q9rtuGgxk7="SAP https://t.co/LH		2025.04.27
3Hunter @HunterMapping
????Alert???? CVE-2025-32432:Craft CMS Allows Remote Code Execution ????EXP : https://t.co/SjQRk5TZLC ????997.9K+ Services are found on the https://t.co/ysWb28Crld yearly. ????Hunter Link:https://t.co/CF2MvxksAI ????Query HUNTER : https://t.co/q9rtuGgxk7="Craft CMS" FOFA https://t.co/GgDFwrqpRx		2025.04.27
4The Hacker News @TheHackersNews
???? Hackers could be one path away from your sensitive files! ???? New CVEs expose major flaws in Rack & Infodraw systems: ???? CVE-2025-27610 lets attackers read config files & credentials via path traversal. ???? Infodraw CVE-2025-43928 allows any file to be read or deleted—no https://		2025.04.25
5Cyber_OSINT @Cyber_O51NT
Cybersecurity researchers reported three vulnerabilities in Rack::Static, potentially allowing attackers to access files and tamper with logs; CVE-2025-27610 is noted with a CVSS score of 7.5. #Cybersecurity #Ruby #DataBreach https://t.co/acMa17y088		2025.04.25

News

(Total : 9)
  Total keyword

CVE Vulnerability Exploit RCE Malware Update attack Report Attacker CVSS CVEs Commvault IoT Supply chain Operation GitHub Software target NetWireRC ZeroDay Japan DslogdRAT PoC DYEPACK NIST Ubuntu Cisco WhatsApp Linux DNS intelligence Docker Qualys Education NSA CISA Government

No Title Date
1NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk - TrendMicro2025.04.28
2DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks - The Hacker News2025.04.25
3Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028) - FortiGuard Labs2025.04.25
4CVE-2025-34028: PoC Released for Critical RCE Vulnerability in Commvault Command Center - Malware.News2025.04.25
5159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure - The Hacker News2025.04.24

Additional information

Level Description
warning File has been identified by 29 AntiVirus engines on VirusTotal as malicious
watch Communicates with host for which no DNS query was performed
watch Resumed a suspended thread in a remote process potentially indicative of process injection
notice Allocates read-write-execute memory (usually to unpack itself)
notice An application raised an exception which may be indicative of an exploit crash
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Performs some HTTP requests
notice Uses Windows utilities for basic Windows functionality
notice Yara rule detected in process memory
info One or more processes crashed
Network ET INFO TLS Handshake Failure
Network SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
No data
No data
Beta Service, If you select keyword, you can check detailed information.