Jake Trujillo
May 1, 2025
Cybersecurity threats evolve rapidly, and staying informed is crucial for keeping your organization safe. Each month, we analyze the most targeted technologies to help you focus your defenses where they’re needed most. Here are the 20 technologies that were most targeted by cyber threats over the past 30 days, along with top advice to mitigate threats for each.

1. Microsoft Windows
Threat Overview: Frequently exploited through OS vulnerabilities, ransomware, and privilege escalation.
Top Advice: Apply updates immediately, enable Defender or another EDR, and enforce strong access control.
Threats over the last 30 days: 89
2. Linux Distributions
Threat Overview: Targeted by ransomware and misconfiguration exploits in server environments.
Top Advice: Use SELinux/AppArmor, monitor with a SIEM, and restrict unnecessary services.
Threats over the last 30 days: 24
3. Cisco Technologies
Threat Overview: Vulnerabilities in routers and switches often exploited for network access.
Top Advice: Patch firmware promptly, segment network zones, and disable remote management.
Threats over the last 30 days: 11
4. Fortinet Technologies
Threat Overview: Exploits in FortiGate firewalls and other security appliances.
Top Advice: Apply firmware updates regularly and review access control policies.
Threats over the last 30 days: 11
5. WordPress Related Technologies and Plugins
Threat Overview: Exploitation of outdated plugins and themes.
Top Advice: Limit plugin use, keep all components updated, and use WAF protection.
Threats over the last 30 days: 11
6. Palo Alto Networks
Threat Overview: Targeted by attackers looking to bypass firewall configurations.
Top Advice: Harden PAN-OS, restrict admin interfaces, and monitor traffic patterns.
Threats over the last 30 days: 10
7. VMware Technologies
Threat Overview: Attackers exploit VM infrastructure to move laterally inside networks.
Top Advice: Keep vSphere updated, isolate management networks, and enforce MFA.
Threats over the last 30 days: 8
8. Apple Ecosystem
Threat Overview: Phishing, sideloaded apps, and zero-day exploits.
Top Advice: Manage devices with MDM, apply iOS/macOS updates promptly, and use Gatekeeper.
Threats over the last 30 days: 8
9. Google Android
Threat Overview: Malicious apps and unpatched OS vulnerabilities.
Top Advice: Use Google Play Protect, limit app permissions, and enforce OS-level encryption.
Threats over the last 30 days: 8
10. Mozilla Products
Threat Overview: Browser exploits and malicious extensions.
Top Advice: Enable auto-updates, disable third-party extensions, and use container tabs for privacy.
Threats over the last 30 days: 8
11. Google Chrome
Threat Overview: Browser-based vulnerabilities and phishing extensions.
Top Advice: Use group policy to enforce safe settings, auto-update, and monitor extensions.
Threats over the last 30 days: 7
12. Ivanti Products
Threat Overview: Attackers exploit ITSM and endpoint manager flaws.
Top Advice: Limit access by role, patch aggressively, and conduct vulnerability scans.
Threats over the last 30 days: 6
13. Microsoft Office
Threat Overview: Macro-laden documents used for phishing and malware.
Top Advice: Disable macros by default, use Protected View, and filter suspicious attachments.
Threats over the last 30 days: 5
14. Kubernetes Technologies
Threat Overview: Misconfigurations and exposed APIs.
Top Advice: Use role-based access control, audit cluster activity, and rotate secrets.
Threats over the last 30 days: 4
15. Microsoft Azure Services
Threat Overview: Credential theft and misconfiguration in cloud workloads.
Top Advice: Enable logging, restrict IAM roles, and use Defender for Cloud recommendations.
Threats over the last 30 days: 4
16. Python
Threat Overview: Supply chain attacks via compromised PyPI packages.
Top Advice: Use signed packages, scan dependencies, and lock versions with requirements files.
Threats over the last 30 days: 4
17. SonicWall Technologies
Threat Overview: Firmware vulnerabilities in firewalls and VPNs.
Top Advice: Regularly update firmware, restrict admin access, and segment networks.
Threats over the last 30 days: 4
18. JavaScript Ecosystem
Threat Overview: Compromised npm packages used for supply chain attacks.
Top Advice: Use verified libraries, audit dependencies with tools like Snyk, and apply subresource integrity checks.
Threats over the last 30 days: 4
19. F5 BIG-IP Product Line
Threat Overview: Critical RCE and privilege escalation vulnerabilities.
Top Advice: Patch early, restrict public access, and monitor with telemetry tools.
Threats over the last 30 days: 4
20. Zyxel Technologies
Threat Overview: Router and firewall vulnerabilities.
Top Advice: Change default credentials, update firmware, and disable remote web access.
Threats over the last 30 days: 4
To stay informed about the threats targeting the technologies you care about, prioritized in real time within the context of the entire threat landscape, all within Microsoft Security Copilot, join the private preview today.
Source: Fletch internal data, April 1st to May 1st