Weekly Threat Advisory

Weekly Threat Advisory Top Cyber Threats from May 19 – May 25, 2025

The latest edition of the Weekly Threat Advisory presents an in-depth assessment of evolving cyber risks, spotlighting recently identified threat groups, sophisticated malware variants, ongoing ransomware activity, targeted intrusion campaigns, critical software vulnerabilities (CVEs), and advanced phishing toolkits impacting diverse sectors. Threat actors are taking advantage of newly surfaced security gaps, orchestrating more deceptive phishing operations, and leveraging intelligent malware designed to evade conventional security controls. Ransomware attacks are steadily increasing, frequently involving double extortion techniques and breaches in the software supply chain to amplify their effects. At the same time, phishing infrastructure is becoming more sophisticated, facilitating widespread credential harvesting and unauthorized system infiltration. This advisory stresses the immediate need for security teams to remain proactive—through rapid patching, improved threat hunting strategies, and enhanced detection mechanisms—to stay ahead of the ever-advancing threat environment.

Threat Actors

💡 APT43
💡 Muddled Libra
💡 APT36
💡 UTG-Q-015
💡 Aquatic Panda
💡 Unit 26165
💡 UNC5174
💡 TA406

Malware

📌 DPRK RevGen
📌 Adwind RAT
📌 Crocodilus
📌 Floxif
📌 Xred
📌 Snipvex
📌 Clipbanker
📌 RedLineStealer
📌 AgentTesla
📌 DarkCloudStealer
📌 Remcos
📌 More Eggs
📌 FrigidStealer
📌 PupkinStealer
📌 Fake Kling
📌 Lumma Stealer
📌 AdaptixC2
📌 NetSupport RAT
📌 STEALC V2
📌 LummaC2
📌 W3LL_Phishing_Kit
📌 DOUBLELOADER

Ransomware

📍 ELPACO-team
📍 DEVMAN RANSOMWARE
📍 Everest Ransomware

Campaigns & Phishing Kit

🛡️ Malicious npm Packages
🛡️ Fake KeePass password manager

CVE

👉 CVE-2025-47733
👉 CVE-2025-41229
👉 CVE-2025-41230
👉 CVE-2025-41231
👉 CVE-2025-43714
👉 CVE-2025-21524
👉 CVE-2025-4918
👉 CVE-2025-4641

Happy Threat Hunting

