The 20 most targeted technologies | April

Jake Trujillo

May 1, 2025

Cybersecurity threats evolve rapidly, and staying informed is crucial for keeping your organization safe. Each month, we analyze the most targeted technologies to help you focus your defenses where they’re needed most. Here are the 20 technologies that were most targeted by cyber threats over the past 30 days, along with top advice to mitigate threats for each.


1. Microsoft Windows

Threat Overview: Frequently exploited through OS vulnerabilities, ransomware, and privilege escalation.

Top Advice: Apply updates immediately, enable Defender or another EDR, and enforce strong access control.

Threats over the last 30 days: 89

2. Linux Distributions

Threat Overview: Targeted by ransomware and misconfiguration exploits in server environments.

Top Advice: Use SELinux/AppArmor, monitor with a SIEM, and restrict unnecessary services.

Threats over the last 30 days: 24

3. Cisco Technologies

Threat Overview: Vulnerabilities in routers and switches often exploited for network access.

Top Advice: Patch firmware promptly, segment network zones, and disable remote management.

Threats over the last 30 days: 11

4. Fortinet Technologies

Threat Overview: Exploits in FortiGate firewalls and other security appliances.

Top Advice: Apply firmware updates regularly and review access control policies.

Threats over the last 30 days: 11

5. WordPress Related Technologies and Plugins

Threat Overview: Exploitation of outdated plugins and themes.

Top Advice: Limit plugin use, keep all components updated, and use WAF protection.

Threats over the last 30 days: 11

6. Palo Alto Networks

Threat Overview: Targeted by attackers looking to bypass firewall configurations.

Top Advice: Harden PAN-OS, restrict admin interfaces, and monitor traffic patterns.

Threats over the last 30 days: 10

7. VMware Technologies

Threat Overview: Attackers exploit VM infrastructure to move laterally inside networks.

Top Advice: Keep vSphere updated, isolate management networks, and enforce MFA.

Threats over the last 30 days: 8

8. Apple Ecosystem

Threat Overview: Phishing, sideloaded apps, and zero-day exploits.

Top Advice: Manage devices with MDM, apply iOS/macOS updates promptly, and use Gatekeeper.

Threats over the last 30 days: 8

9. Google Android

Threat Overview: Malicious apps and unpatched OS vulnerabilities.

Top Advice: Use Google Play Protect, limit app permissions, and enforce OS-level encryption.

Threats over the last 30 days: 8

10. Mozilla Products

Threat Overview: Browser exploits and malicious extensions.

Top Advice: Enable auto-updates, disable third-party extensions, and use container tabs for privacy.

Threats over the last 30 days: 8

11. Google Chrome

Threat Overview: Browser-based vulnerabilities and phishing extensions.

Top Advice: Use group policy to enforce safe settings, auto-update, and monitor extensions.

Threats over the last 30 days: 7

12. Ivanti Products

Threat Overview: Attackers exploit ITSM and endpoint manager flaws.

Top Advice: Limit access by role, patch aggressively, and conduct vulnerability scans.

Threats over the last 30 days: 6

13. Microsoft Office

Threat Overview: Macro-laden documents used for phishing and malware.

Top Advice: Disable macros by default, use Protected View, and filter suspicious attachments.

Threats over the last 30 days: 5

14. Kubernetes Technologies

Threat Overview: Misconfigurations and exposed APIs.

Top Advice: Use role-based access control, audit cluster activity, and rotate secrets.

Threats over the last 30 days: 4

15. Microsoft Azure Services

Threat Overview: Credential theft and misconfiguration in cloud workloads.

Top Advice: Enable logging, restrict IAM roles, and use Defender for Cloud recommendations.

Threats over the last 30 days: 4

16. Python

Threat Overview: Supply chain attacks via compromised PyPI packages.

Top Advice: Use signed packages, scan dependencies, and lock versions with requirements files.

Threats over the last 30 days: 4

17. SonicWall Technologies

Threat Overview: Firmware vulnerabilities in firewalls and VPNs.

Top Advice: Regularly update firmware, restrict admin access, and segment networks.

Threats over the last 30 days: 4

18. JavaScript Ecosystem

Threat Overview: Compromised npm packages used for supply chain attacks.

Top Advice: Use verified libraries, audit dependencies with tools like Snyk, and apply subresource integrity checks.

Threats over the last 30 days: 4

19. F5 BIG-IP Product Line

Threat Overview: Critical RCE and privilege escalation vulnerabilities.

Top Advice: Patch early, restrict public access, and monitor with telemetry tools.

Threats over the last 30 days: 4

20. Zyxel Technologies

Threat Overview: Router and firewall vulnerabilities.

Top Advice: Change default credentials, update firmware, and disable remote web access.

Threats over the last 30 days: 4

To stay informed about the threats targeting the technologies you care about, prioritized in real time within the context of the entire threat landscape and delivered within Microsoft Security Copilot, join the private preview today.

Source: Fletch internal data April 1st to May 1st

See how much time you can save

Fletch gives cybersecurity professionals a prioritized list of critical tasks to start their day. Each task is correlated to and mitigates multiple alerts and threats, targeting several resources.

Join the private beta
