Computer networks
test2235, 2017-12-12 11:55:05

Huge number of "Who has" requests in Wireshark?

A bunch of ARP requests are constantly being created in Wireshark. Source: ZyxelCom (this is my router), Destination: Broadcast (this is broadcast). And the requests go "Who has 192.168.1.1 Tell 192.168.1.1", "Who has 192.168.1.2 Tell 192.168.1.1" ... and so on until "Who has 192.168.1.254", and then again. Why is that?


3 answer(s)
Maxim Grishin, 2017-12-12
@vesper-bot

Check the router: someone tried to scan the internal network from it (if the router itself did not do this before). It is possible that it was hacked or that its password was guessed.

Gansterito, 2017-12-12
@Gansterito

Three options can be offered:
1) The Zyxel router itself is updating its list of busy devices (enabled, for example, by DHCP);
2) Someone outside the router is trying to "get through" to your internal addresses;
3) Someone inside the router (and inside it there is Linux with the whole environment plus a shell) is trying to find something for their further "penetration" and "fixing" on your network.

Over the past couple of days I heard about some kind of anomalous activity among subscribers with Zyxel routers; however, there was no confirmation of this. Just in case, disconnect the router from the external network and look at the activity. You can reset to factory settings, update the firmware to the latest version and, without connecting to the network, check for "Who has" requests. But this is already an amateur.

athacker, 2017-12-12
@athacker

Reboot the router. If the packets are gone, it has been hacked. Usually the malware does not survive a reboot, this should be enough. But you need to update the firmware in any case, even if the reboot helps, as it will help only for a short time :-)
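
One way to check a capture for the pattern described in the question (a single sender asking "Who has" for every address in the subnet, then starting over), given here as an added example that is not part of the original thread. It assumes the packet list was exported from Wireshark as plain text with the columns time, source, destination, protocol, length and info; the function names, thresholds and sample source names are constructed.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# One line of a Wireshark packet-list text export (assumed column order).
ARP_RE = re.compile(
    r"^\s*(?P<time>\d+(?:\.\d+)?)\s+(?P<src>\S+)\s+\S+\s+ARP\s+\d+\s+"
    r"Who has (?P<target>\d+\.\d+\.\d+\.\d+)\? Tell (?P<tell>\d+\.\d+\.\d+\.\d+)"
)

def find_arp_sweeps(lines, window=10.0, min_targets=32):
    """Flag senders that ARP for >= min_targets distinct addresses within
    `window` seconds; ordinary hosts resolve only a handful of neighbours."""
    events = defaultdict(list)              # (src, tell) -> [(time, target)]
    for line in lines:
        m = ARP_RE.match(line)
        if m:
            target = ipaddress.ip_address(m["target"])
            events[(m["src"], m["tell"])].append((float(m["time"]), target))

    findings = {}
    for sender, seen in events.items():
        seen.sort()
        best, start, counts = 0, 0, Counter()
        for t, target in seen:
            counts[target] += 1
            while t - seen[start][0] > window:   # drop events older than window
                old = seen[start][1]
                counts[old] -= 1
                if not counts[old]:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= min_targets:
            totals = Counter(target for _, target in seen)
            findings[sender] = {"distinct_in_window": best,
                                "distinct_total": len(totals),
                                "passes": min(totals.values())}  # full repeats
    return findings

def constructed_capture():
    """Constructed sample: router sweeps the /24 twice; a laptop ARPs normally."""
    row = "{:.3f} {} Broadcast ARP 60 Who has 192.168.1.{}? Tell 192.168.1.{}"
    lines = [row.format(i * 0.02, "ZyxelCom_00:00:01", i % 254 + 1, 1)
             for i in range(2 * 254)]
    lines += [row.format(i * 30.0, "Laptop_00:00:02", 1, 23) for i in range(5)]
    return lines
```

A flagged sender only shows that a sweep is taking place; as the answers above note, it can come from the router's own device discovery as well as from something running on it.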
