[June 2025 Web Attack Trend Analysis]
1. Weekly Web Attack Trend Analysis
Weekly web attack trend analysis allows us to identify periods when web attacks were concentrated at specific points in time. Based on this, we can establish preventive and response strategies in advance to prepare for periods when attacks are frequent.
The graph below visualizes the number of web attacks detected by AIWAF on a weekly basis during the month of June 2025.
An analysis of data detected by AIWAF during the month of June 2025 revealed that an average of approximately 290,000 web attacks were detected per day. This figure shows a significant increase compared to the previous month, indicating that threats to web servers are becoming increasingly sophisticated. In addition, the frequency of attacks was higher on weekends (Saturday and Sunday) than on weekdays, which can be interpreted as a strategic approach targeting lower web server usage outside of business hours.
In particular, June 2 was the day with the highest concentration of web attacks during the entire period, and SQL injection accounted for the highest proportion of attack types detected on that date. SQL Injection is a representative attack method that can be used to manipulate databases to steal system privileges or leak internal information. Attackers typically use this technique to bypass user authentication procedures or to understand database structures, and due to these characteristics, special attention is required to protect sensitive corporate information. In fact, AIWAF classifies SQL Injection as a high-risk attack type with the most detection patterns set.
These analysis results highlight the need for ongoing attention and precise response strategies for major web attack types, including SQL Injection, and will serve as important reference material for establishing detection and blocking policies in the future.
2. Web Attack Trends by Attack Type
By analyzing web attack trends by attack type based on detection logs, you can systematically identify which types of attacks occurred frequently over a month. Such analysis goes beyond simple statistics and serves as a key benchmark for establishing security policies and response systems for organizations.
An analysis of detection logs collected by AIWAF over the month of June 2025 revealed various types of web attacks, some of which exhibited distinct patterns, such as concentrated occurrences during specific periods or a high proportion of total attack incidents. Notably, classic yet still threatening attack types such as SQL Injection and System File Access were prevalent, and these attacks are often carried out repeatedly using automated attack tools or botnets.
The graph below visualizes the distribution of web attack types detected by AIWAF as of June 2025.
The Web Attack Trend Report provides the latest web vulnerability analyses, industry-specific attack patterns, and key CVE-based vulnerability information,
all based on processed data from the AI/ML-powered threat intelligence platform AILabs.
Subscribe to receive the full monthly Web Attack Trend Report!
